Tworzy lub aktualizuje klaster zarządzany.
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerService/managedClusters/{resourceName}?api-version=2024-09-01
Parametry identyfikatora URI
| Nazwa |
W |
Wymagane |
Typ |
Opis |
|
resourceGroupName
|
path |
True
|
string
|
Nazwa grupy zasobów. Nazwa jest niewrażliwa na wielkość liter.
|
|
resourceName
|
path |
True
|
string
|
Nazwa zasobu klastra zarządzanego.
Wzorzec wyrażenia regularnego: ^[a-zA-Z0-9]$|^[a-zA-Z0-9][-_a-zA-Z0-9]{0,61}[a-zA-Z0-9]$
|
|
subscriptionId
|
path |
True
|
string
uuid
|
Identyfikator subskrypcji docelowej. Wartość musi być identyfikatorem UUID.
|
|
api-version
|
query |
True
|
string
|
Wersja interfejsu API do użycia dla tej operacji.
|
| Nazwa |
Wymagane |
Typ |
Opis |
|
If-Match
|
|
string
|
Żądanie powinno być kontynuowane tylko wtedy, gdy jednostka pasuje do tego ciągu.
|
|
If-None-Match
|
|
string
|
Żądanie powinno być kontynuowane tylko wtedy, gdy żadna jednostka nie pasuje do tego ciągu.
|
Treść żądania
| Nazwa |
Wymagane |
Typ |
Opis |
|
location
|
True
|
string
|
Lokalizacja geograficzna, w której znajduje się zasób
|
|
extendedLocation
|
|
ExtendedLocation
|
Rozszerzona lokalizacja maszyny wirtualnej.
|
|
identity
|
|
ManagedClusterIdentity
|
Tożsamość klastra zarządzanego, jeśli jest skonfigurowana.
|
|
properties.aadProfile
|
|
ManagedClusterAADProfile
|
AADProfile określa atrybuty integracji usługi Azure Active Directory.
Konfiguracja usługi Azure Active Directory.
|
|
properties.addonProfiles
|
|
<string,
ManagedClusterAddonProfile>
|
Profil dodatku klastra zarządzanego.
|
|
properties.agentPoolProfiles
|
|
ManagedClusterAgentPoolProfile[]
|
Właściwości puli agentów.
|
|
properties.apiServerAccessProfile
|
|
ManagedClusterAPIServerAccessProfile
|
Profil dostępu dla serwera interfejsu API klastra zarządzanego.
|
|
properties.autoScalerProfile
|
|
AutoScalerProfile
|
Parametry, które mają być stosowane do skalowania automatycznego klastra po włączeniu
|
|
properties.autoUpgradeProfile
|
|
ManagedClusterAutoUpgradeProfile
|
Konfiguracja automatycznego uaktualniania.
|
|
properties.azureMonitorProfile
|
|
ManagedClusterAzureMonitorProfile
|
Profile dodatków usługi Azure Monitor do monitorowania klastra zarządzanego.
|
|
properties.disableLocalAccounts
|
|
boolean
|
Jeśli konta lokalne powinny być wyłączone w klastrze zarządzanym.
Jeśli ustawiono wartość true, pobieranie poświadczeń statycznych zostanie wyłączone dla tego klastra. Należy go używać tylko w klastrach zarządzanych z włączoną usługą AAD. Aby uzyskać więcej informacji, zobacz wyłączanie kont lokalnych.
|
|
properties.diskEncryptionSetID
|
|
string
|
Identyfikator zasobu szyfrowania dysku ustawiony na potrzeby włączania szyfrowania magazynowanych.
Jest to forma: "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}"
|
|
properties.dnsPrefix
|
|
string
|
Prefiks DNS klastra zarządzanego.
Nie można go zaktualizować po utworzeniu klastra zarządzanego.
|
|
properties.enablePodSecurityPolicy
|
|
boolean
|
(PRZESTARZAŁE) Czy włączyć zasady zabezpieczeń zasobnika Kubernetes (wersja zapoznawcza). Funkcja PodSecurityPolicy została uznana za przestarzałą w wersji 1.21 platformy Kubernetes i usunięta z platformy Kubernetes w wersji 1.25. Dowiedz się więcej na temat https://aka.ms/k8s/psp i https://aka.ms/aks/psp.
|
|
properties.enableRBAC
|
|
boolean
|
Czy włączyć platformę Kubernetes Role-Based kontrola dostępu.
|
|
properties.fqdnSubdomain
|
|
string
|
Poddomena nazwy FQDN klastra prywatnego z niestandardową prywatną strefą DNS.
Nie można go zaktualizować po utworzeniu klastra zarządzanego.
|
|
properties.httpProxyConfig
|
|
ManagedClusterHTTPProxyConfig
|
Konfiguracje aprowizowania klastra za pomocą serwerów proxy HTTP.
|
|
properties.identityProfile
|
|
<string,
UserAssignedIdentity>
|
Tożsamość użytkownika skojarzona z klastrem zarządzanym. Ta tożsamość będzie używana przez narzędzie kubelet. Dozwolona jest tylko jedna tożsamość przypisana przez użytkownika. Jedynym akceptowanym kluczem jest "kubeletidentity", z wartością "resourceId": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}".
|
|
properties.ingressProfile
|
|
ManagedClusterIngressProfile
|
Profil ruchu przychodzącego dla klastra zarządzanego.
|
|
properties.kubernetesVersion
|
|
string
|
Wersja platformy Kubernetes określona przez użytkownika.
Obsługiwane są obie wersje poprawek <major.minor.patch> (np. 1.20.13) i <major.minor> (np. 1.20). Po określeniu <główna.pomocnicza> jest wybierana automatycznie najnowsza obsługiwana wersja poprawki ogólnie dostępnej. Aktualizowanie klastra przy użyciu tego samego <major.minor> po jego utworzeniu (np. 1.14.x —> 1.14) nie wyzwoli uaktualnienia, nawet jeśli jest dostępna nowsza wersja poprawki. Podczas uaktualniania obsługiwanego klastra usługi AKS nie można pominąć wersji pomocniczych platformy Kubernetes. Wszystkie uaktualnienia muszą być wykonywane sekwencyjnie według numeru wersji głównej. Na przykład uaktualnienia z zakresu 1.14.x —> 1.15.x lub 1.15.x —> 1.16.x są dozwolone, jednak wersja 1.14.x —> 1.16.x jest niedozwolona. Aby uzyskać więcej informacji, zobacz uaktualniania klastra usługi AKS.
|
|
properties.linuxProfile
|
|
ContainerServiceLinuxProfile
|
Profil maszyn wirtualnych z systemem Linux w klastrze zarządzanym.
|
|
properties.metricsProfile
|
|
ManagedClusterMetricsProfile
|
Opcjonalna konfiguracja metryk klastra.
|
|
properties.networkProfile
|
|
ContainerServiceNetworkProfile
|
Profil konfiguracji sieci.
|
|
properties.nodeResourceGroup
|
|
string
|
Nazwa grupy zasobów zawierającej węzły puli agentów.
|
|
properties.nodeResourceGroupProfile
|
|
ManagedClusterNodeResourceGroupProfile
|
Profil konfiguracji grupy zasobów węzła.
|
|
properties.oidcIssuerProfile
|
|
ManagedClusterOIDCIssuerProfile
|
Profil wystawcy OIDC klastra zarządzanego.
|
|
properties.podIdentityProfile
|
|
ManagedClusterPodIdentityProfile
|
Profil tożsamości zasobnika klastra zarządzanego.
Aby uzyskać więcej informacji na temat integracji tożsamości zasobnika usługi AAD, zobacz korzystanie z tożsamości zasobnika usługi AAD.
|
|
properties.privateLinkResources
|
|
PrivateLinkResource[]
|
Zasoby łącza prywatnego skojarzone z klastrem.
|
|
properties.publicNetworkAccess
|
|
PublicNetworkAccess
|
PublicNetworkAccess zarządzanegocluster
Zezwalanie na dostęp do sieci publicznej dla usługi AKS lub odmawianie dostępu do sieci publicznej
|
|
properties.securityProfile
|
|
ManagedClusterSecurityProfile
|
Profil zabezpieczeń klastra zarządzanego.
|
|
properties.serviceMeshProfile
|
|
ServiceMeshProfile
|
Profil usługi Service Mesh dla klastra zarządzanego.
|
|
properties.servicePrincipalProfile
|
|
ManagedClusterServicePrincipalProfile
|
Informacje o tożsamości jednostki usługi dla klastra do użycia do manipulowania interfejsami API platformy Azure.
|
|
properties.storageProfile
|
|
ManagedClusterStorageProfile
|
Profil magazynu dla klastra zarządzanego.
|
|
properties.supportPlan
|
|
KubernetesSupportPlan
|
Plan pomocy technicznej dla klastra zarządzanego. Jeśli nie określono, wartość domyślna to "KubernetesOfficial".
|
|
properties.upgradeSettings
|
|
ClusterUpgradeSettings
|
Ustawienia uaktualniania klastra.
|
|
properties.windowsProfile
|
|
ManagedClusterWindowsProfile
|
Profil maszyn wirtualnych z systemem Windows w klastrze zarządzanym.
|
|
properties.workloadAutoScalerProfile
|
|
ManagedClusterWorkloadAutoScalerProfile
|
Profil automatycznego skalowania obciążenia dla klastra zarządzanego.
|
|
sku
|
|
ManagedClusterSKU
|
Jednostka SKU klastra zarządzanego.
|
|
tags
|
|
object
|
Tagi zasobów.
|
Odpowiedzi
| Nazwa |
Typ |
Opis |
|
200 OK
|
ManagedCluster
|
Istniejący klaster zarządzany został pomyślnie zaktualizowany.
|
|
201 Created
|
ManagedCluster
|
Nowy klaster zarządzany został pomyślnie utworzony.
|
|
Other Status Codes
|
CloudError
|
Odpowiedź na błąd opisująca, dlaczego operacja nie powiodła się.
|
Zabezpieczenia
azure_auth
Przepływ protokołu OAuth2 usługi Azure Active Directory
Typ:
oauth2
Flow:
implicit
Adres URL autoryzacji:
https://login.microsoftonline.com/common/oauth2/authorize
Zakresy
| Nazwa |
Opis |
|
user_impersonation
|
personifikacja konta użytkownika
|
Przykłady
Create Managed Cluster using an agent pool snapshot
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableFIPS": true,
"creationData": {
"sourceResourceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"
}
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.CreationData;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_Snapshot.json
*/
/**
* Sample code: Create Managed Cluster using an agent pool snapshot.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterUsingAnAgentPoolSnapshot(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableFips(true)
.withCreationData(new CreationData().withSourceResourceId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"))
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(false)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_snapshot.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"creationData": {
"sourceResourceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"
},
"enableFIPS": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": False,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Snapshot.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Snapshot.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterUsingAnAgentPoolSnapshot() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
CreationData: &armcontainerservice.CreationData{
SourceResourceID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"),
},
EnableFIPS: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(false),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CreationData: &armcontainerservice.CreationData{
// SourceResourceID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"),
// },
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableFIPS: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(false),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Snapshot.json
*/
async function createManagedClusterUsingAnAgentPoolSnapshot() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
creationData: {
sourceResourceId:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1",
},
enableFips: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: false,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableFIPS": true,
"creationData": {
"sourceResourceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"
}
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableFIPS": true,
"creationData": {
"sourceResourceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/snapshots/snapshot1"
}
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with AKS-managed NAT gateway as outbound type
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": false,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "managedNATGateway",
"natGatewayProfile": {
"managedOutboundIPProfile": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterManagedOutboundIpProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterNatGatewayProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_ManagedNATGateway.json
*/
/**
* Sample code: Create Managed Cluster with AKS-managed NAT gateway as outbound type.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithAKSManagedNATGatewayAsOutboundType(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(false).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile()
.withOutboundType(OutboundType.MANAGED_NATGATEWAY).withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withNatGatewayProfile(new ManagedClusterNatGatewayProfile()
.withManagedOutboundIpProfile(new ManagedClusterManagedOutboundIpProfile().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_managed_nat_gateway.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": False,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerSku": "standard",
"natGatewayProfile": {"managedOutboundIPProfile": {"count": 2}},
"outboundType": "managedNATGateway",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_ManagedNATGateway.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_ManagedNATGateway.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithAksManagedNatGatewayAsOutboundType() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(false),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
NatGatewayProfile: &armcontainerservice.ManagedClusterNATGatewayProfile{
ManagedOutboundIPProfile: &armcontainerservice.ManagedClusterManagedOutboundIPProfile{
Count: to.Ptr[int32](2),
},
},
OutboundType: to.Ptr(armcontainerservice.OutboundTypeManagedNATGateway),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(false),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NatGatewayProfile: &armcontainerservice.ManagedClusterNATGatewayProfile{
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](4),
// ManagedOutboundIPProfile: &armcontainerservice.ManagedClusterManagedOutboundIPProfile{
// Count: to.Ptr[int32](2),
// },
// },
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeManagedNATGateway),
// PodCidr: to.Ptr("10.244.0.0/16"),
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_ManagedNATGateway.json
*/
async function createManagedClusterWithAksManagedNatGatewayAsOutboundType() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: false,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerSku: "standard",
natGatewayProfile: { managedOutboundIPProfile: { count: 2 } },
outboundType: "managedNATGateway",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": false,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "managedNATGateway",
"natGatewayProfile": {
"idleTimeoutInMinutes": 4,
"managedOutboundIPProfile": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": false,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "managedNATGateway",
"natGatewayProfile": {
"idleTimeoutInMinutes": 4,
"managedOutboundIPProfile": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with Azure KeyVault Secrets Provider Addon
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"enabled": true,
"config": {
"enableSecretRotation": "true",
"rotationPollInterval": "2m"
}
}
},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAddonProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_AzureKeyvaultSecretsProvider.json
*/
/**
* Sample code: Create Managed Cluster with Azure KeyVault Secrets Provider Addon.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithAzureKeyVaultSecretsProviderAddon(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf("azureKeyvaultSecretsProvider",
new ManagedClusterAddonProfile().withEnabled(true).withConfig(
mapOf("enableSecretRotation", "fakeTokenPlaceholder", "rotationPollInterval", "2m"))))
.withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_azure_keyvault_secrets_provider.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"config": {"enableSecretRotation": "true", "rotationPollInterval": "2m"},
"enabled": True,
}
},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_AzureKeyvaultSecretsProvider.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_AzureKeyvaultSecretsProvider.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithAzureKeyVaultSecretsProviderAddon() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{
"azureKeyvaultSecretsProvider": {
Config: map[string]*string{
"enableSecretRotation": to.Ptr("true"),
"rotationPollInterval": to.Ptr("2m"),
},
Enabled: to.Ptr(true),
},
},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{
// "azureKeyvaultSecretsProvider": &armcontainerservice.ManagedClusterAddonProfile{
// Config: map[string]*string{
// "enableSecretRotation": to.Ptr("true"),
// "rotationPollInterval": to.Ptr("2m"),
// },
// Enabled: to.Ptr(true),
// },
// },
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_AzureKeyvaultSecretsProvider.json
*/
async function createManagedClusterWithAzureKeyVaultSecretsProviderAddon() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {
azureKeyvaultSecretsProvider: {
config: { enableSecretRotation: "true", rotationPollInterval: "2m" },
enabled: true,
},
},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"enabled": true,
"config": {
"enableSecretRotation": "true",
"rotationPollInterval": "2m"
}
}
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"enabled": true,
"config": {
"enableSecretRotation": "true",
"rotationPollInterval": "2m"
}
}
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with Capacity Reservation Group
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"capacityReservationGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_CRG.json
*/
/**
* Sample code: Create Managed Cluster with Capacity Reservation Group.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithCapacityReservationGroup(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true)
.withCapacityReservationGroupId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1")
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_crg.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"capacityReservationGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1",
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_CRG.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_CRG.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithCapacityReservationGroup() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
CapacityReservationGroupID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1"),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// CapacityReservationGroupID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1"),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_CRG.json
*/
async function createManagedClusterWithCapacityReservationGroup() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
capacityReservationGroupID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"capacityReservationGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"capacityReservationGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/capacityReservationGroups/crg1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with Dedicated Host Group
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"hostGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_DedicatedHostGroup.json
*/
/**
* Sample code: Create Managed Cluster with Dedicated Host Group.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithDedicatedHostGroup(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withEnableNodePublicIp(true)
.withHostGroupId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1")
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(false)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_dedicated_host_group.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"hostGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": False,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DedicatedHostGroup.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DedicatedHostGroup.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithDedicatedHostGroup() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
HostGroupID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1"),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(false),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// EnableNodePublicIP: to.Ptr(true),
// HostGroupID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1"),
// MaxPods: to.Ptr[int32](110),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(false),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DedicatedHostGroup.json
*/
async function createManagedClusterWithDedicatedHostGroup() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
hostGroupID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: false,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"hostGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"hostGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg/providers/Microsoft.Compute/hostGroups/hostgroup1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with EncryptionAtHost enabled
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_EnableEncryptionAtHost.json
*/
/**
* Sample code: Create Managed Cluster with EncryptionAtHost enabled.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithEncryptionAtHostEnabled(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableEncryptionAtHost(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_enable_encryption_at_host.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableEncryptionAtHost": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnableEncryptionAtHost.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnableEncryptionAtHost.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithEncryptionAtHostEnabled() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableEncryptionAtHost: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnableEncryptionAtHost.json
*/
async function createManagedClusterWithEncryptionAtHostEnabled() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableEncryptionAtHost: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with FIPS enabled OS
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableFIPS": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_EnabledFIPS.json
*/
/**
* Sample code: Create Managed Cluster with FIPS enabled OS.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithFIPSEnabledOS(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableFips(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(false)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_enabled_fips.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableFIPS": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": False,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnabledFIPS.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnabledFIPS.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithFipsEnabledOs() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableFIPS: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(false),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableFIPS: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(false),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnabledFIPS.json
*/
async function createManagedClusterWithFipsEnabledOS() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableFips: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: false,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableFIPS": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableFIPS": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": false,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with GPUMIG
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_ND96asr_v4",
"osType": "Linux",
"gpuInstanceProfile": "MIG3g",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.GpuInstanceProfile;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterHttpProxyConfig;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_GPUMIG.json
*/
/**
* Sample code: Create Managed Cluster with GPUMIG.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithGPUMIG(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_ND96asr_v4")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true)
.withGpuInstanceProfile(GpuInstanceProfile.MIG3G).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des")
.withHttpProxyConfig(new ManagedClusterHttpProxyConfig().withHttpProxy("http://myproxy.server.com:8080")
.withHttpsProxy("https://myproxy.server.com:8080")
.withNoProxy(Arrays.asList("localhost", "127.0.0.1"))
.withTrustedCa("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=")),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_gpumig.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"gpuInstanceProfile": "MIG3g",
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_ND96asr_v4",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": ["localhost", "127.0.0.1"],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=",
},
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_GPUMIG.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_GPUMIG.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithGpumig() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
GpuInstanceProfile: to.Ptr(armcontainerservice.GPUInstanceProfileMIG3G),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_ND96asr_v4"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
HTTPProxyConfig: &armcontainerservice.ManagedClusterHTTPProxyConfig{
HTTPProxy: to.Ptr("http://myproxy.server.com:8080"),
HTTPSProxy: to.Ptr("https://myproxy.server.com:8080"),
NoProxy: []*string{
to.Ptr("localhost"),
to.Ptr("127.0.0.1")},
TrustedCa: to.Ptr("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="),
},
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// GpuInstanceProfile: to.Ptr(armcontainerservice.GPUInstanceProfileMIG3G),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_ND96asr_v4"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// HTTPProxyConfig: &armcontainerservice.ManagedClusterHTTPProxyConfig{
// HTTPProxy: to.Ptr("http://myproxy.server.com:8080"),
// HTTPSProxy: to.Ptr("https://myproxy.server.com:8080"),
// NoProxy: []*string{
// to.Ptr("localhost"),
// to.Ptr("127.0.0.1")},
// TrustedCa: to.Ptr("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="),
// },
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_GPUMIG.json
*/
async function createManagedClusterWithGpumig() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
gpuInstanceProfile: "MIG3g",
mode: "System",
osType: "Linux",
vmSize: "Standard_ND96asr_v4",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
httpProxyConfig: {
httpProxy: "http://myproxy.server.com:8080",
httpsProxy: "https://myproxy.server.com:8080",
noProxy: ["localhost", "127.0.0.1"],
trustedCa: "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=",
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_ND96asr_v4",
"maxPods": 110,
"osType": "Linux",
"gpuInstanceProfile": "MIG3g",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_ND96asr_v4",
"maxPods": 110,
"osType": "Linux",
"gpuInstanceProfile": "MIG3g",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterHttpProxyConfig;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_HTTPProxy.json
*/
/**
* Sample code: Create Managed Cluster with HTTP proxy configured.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithHTTPProxyConfigured(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des")
.withHttpProxyConfig(new ManagedClusterHttpProxyConfig().withHttpProxy("http://myproxy.server.com:8080")
.withHttpsProxy("https://myproxy.server.com:8080")
.withNoProxy(Arrays.asList("localhost", "127.0.0.1"))
.withTrustedCa("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=")),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_httpproxy.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": ["localhost", "127.0.0.1"],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=",
},
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_HTTPProxy.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_HTTPProxy.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithHttpProxyConfigured() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
HTTPProxyConfig: &armcontainerservice.ManagedClusterHTTPProxyConfig{
HTTPProxy: to.Ptr("http://myproxy.server.com:8080"),
HTTPSProxy: to.Ptr("https://myproxy.server.com:8080"),
NoProxy: []*string{
to.Ptr("localhost"),
to.Ptr("127.0.0.1")},
TrustedCa: to.Ptr("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="),
},
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// HTTPProxyConfig: &armcontainerservice.ManagedClusterHTTPProxyConfig{
// HTTPProxy: to.Ptr("http://myproxy.server.com:8080"),
// HTTPSProxy: to.Ptr("https://myproxy.server.com:8080"),
// NoProxy: []*string{
// to.Ptr("localhost"),
// to.Ptr("127.0.0.1")},
// TrustedCa: to.Ptr("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="),
// },
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_HTTPProxy.json
*/
async function createManagedClusterWithHttpProxyConfigured() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
httpProxyConfig: {
httpProxy: "http://myproxy.server.com:8080",
httpsProxy: "https://myproxy.server.com:8080",
noProxy: ["localhost", "127.0.0.1"],
trustedCa: "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=",
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
Create Managed Cluster with LongTermSupport
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Base",
"tier": "Premium"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"apiServerAccessProfile": {
"disableRunCommand": true
},
"addonProfiles": {},
"enableRBAC": true,
"enablePodSecurityPolicy": true,
"supportPlan": "AKSLongTermSupport"
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.KubernetesSupportPlan;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterApiServerAccessProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_Premium.json
*/
/**
* Sample code: Create Managed Cluster with LongTermSupport.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithLongTermSupport(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.BASE).withTier(ManagedClusterSkuTier.PREMIUM))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableEncryptionAtHost(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true)
.withSupportPlan(KubernetesSupportPlan.AKSLONG_TERM_SUPPORT).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withApiServerAccessProfile(new ManagedClusterApiServerAccessProfile().withDisableRunCommand(true)),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_premium.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableEncryptionAtHost": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"apiServerAccessProfile": {"disableRunCommand": True},
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"supportPlan": "AKSLongTermSupport",
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Base", "tier": "Premium"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Premium.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Premium.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithLongTermSupport() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableEncryptionAtHost: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
DisableRunCommand: to.Ptr(true),
},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
SupportPlan: to.Ptr(armcontainerservice.KubernetesSupportPlanAKSLongTermSupport),
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUNameBase),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierPremium),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
// DisableRunCommand: to.Ptr(true),
// },
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-ee788a1f.hcp.location1.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// PrivateFQDN: to.Ptr("dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// SupportPlan: to.Ptr(armcontainerservice.KubernetesSupportPlanAKSLongTermSupport),
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// SKU: &armcontainerservice.ManagedClusterSKU{
// Name: to.Ptr(armcontainerservice.ManagedClusterSKUNameBase),
// Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierPremium),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Premium.json
*/
async function createManagedClusterWithLongTermSupport() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableEncryptionAtHost: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
apiServerAccessProfile: { disableRunCommand: true },
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Base", tier: "Premium" },
supportPlan: "AKSLongTermSupport",
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"sku": {
"name": "Base",
"tier": "Premium"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"disableRunCommand": true
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-ee788a1f.hcp.location1.azmk8s.io",
"privateFQDN": "dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"supportPlan": "AKSLongTermSupport"
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"sku": {
"name": "Base",
"tier": "Premium"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"disableRunCommand": true
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"fqdn": "dnsprefix1-ee788a1f.hcp.location1.azmk8s.io",
"privateFQDN": "dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"supportPlan": "AKSLongTermSupport"
}
}
Create Managed Cluster with Node Public IP Prefix
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodePublicIPPrefixID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_NodePublicIPPrefix.json
*/
/**
* Sample code: Create Managed Cluster with Node Public IP Prefix.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithNodePublicIPPrefix(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true)
.withNodePublicIpPrefixId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix")
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_node_public_ip_prefix.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"nodePublicIPPrefixID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_NodePublicIPPrefix.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_NodePublicIPPrefix.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithNodePublicIpPrefix() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
NodePublicIPPrefixID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix"),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// NodePublicIPPrefixID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_NodePublicIPPrefix.json
*/
async function createManagedClusterWithNodePublicIPPrefix() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
nodePublicIPPrefixID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"nodePublicIPPrefixID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodePublicIPPrefixID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/publicIPPrefixes/public-ip-prefix"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with OSSKU
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"osSKU": "AzureLinux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterHttpProxyConfig;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSSku;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_OSSKU.json
*/
/**
* Sample code: Create Managed Cluster with OSSKU.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithOSSKU(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX).withOsSku(OSSku.AZURE_LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des")
.withHttpProxyConfig(new ManagedClusterHttpProxyConfig().withHttpProxy("http://myproxy.server.com:8080")
.withHttpsProxy("https://myproxy.server.com:8080")
.withNoProxy(Arrays.asList("localhost", "127.0.0.1"))
.withTrustedCa("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=")),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_ossku.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osSKU": "AzureLinux",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": ["localhost", "127.0.0.1"],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=",
},
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_OSSKU.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_OSSKU.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithOssku() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSSKU: to.Ptr(armcontainerservice.OSSKUAzureLinux),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
HTTPProxyConfig: &armcontainerservice.ManagedClusterHTTPProxyConfig{
HTTPProxy: to.Ptr("http://myproxy.server.com:8080"),
HTTPSProxy: to.Ptr("https://myproxy.server.com:8080"),
NoProxy: []*string{
to.Ptr("localhost"),
to.Ptr("127.0.0.1")},
TrustedCa: to.Ptr("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="),
},
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSSKU: to.Ptr(armcontainerservice.OSSKUAzureLinux),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// HTTPProxyConfig: &armcontainerservice.ManagedClusterHTTPProxyConfig{
// HTTPProxy: to.Ptr("http://myproxy.server.com:8080"),
// HTTPSProxy: to.Ptr("https://myproxy.server.com:8080"),
// NoProxy: []*string{
// to.Ptr("localhost"),
// to.Ptr("127.0.0.1")},
// TrustedCa: to.Ptr("Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="),
// },
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_OSSKU.json
*/
async function createManagedClusterWithOssku() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osSKU: "AzureLinux",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
httpProxyConfig: {
httpProxy: "http://myproxy.server.com:8080",
httpsProxy: "https://myproxy.server.com:8080",
noProxy: ["localhost", "127.0.0.1"],
trustedCa: "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U=",
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"osSKU": "AzureLinux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"osSKU": "AzureLinux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"httpProxyConfig": {
"httpProxy": "http://myproxy.server.com:8080",
"httpsProxy": "https://myproxy.server.com:8080",
"noProxy": [
"localhost",
"127.0.0.1"
],
"trustedCa": "Q29uZ3JhdHMhIFlvdSBoYXZlIGZvdW5kIGEgaGlkZGVuIG1lc3NhZ2U="
}
}
}
Create Managed Cluster with PodIdentity enabled
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"podIdentityProfile": {
"enabled": true,
"allowNetworkPluginKubenet": true
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPodIdentityProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_PodIdentity.json
*/
/**
* Sample code: Create Managed Cluster with PodIdentity enabled.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithPodIdentityEnabled(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf())
.withPodIdentityProfile(
new ManagedClusterPodIdentityProfile().withEnabled(true).withAllowNetworkPluginKubenet(true))
.withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_pod_identity.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"podIdentityProfile": {"allowNetworkPluginKubenet": True, "enabled": True},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PodIdentity.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PodIdentity.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithPodIdentityEnabled() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
PodIdentityProfile: &armcontainerservice.ManagedClusterPodIdentityProfile{
AllowNetworkPluginKubenet: to.Ptr(true),
Enabled: to.Ptr(true),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// PodIdentityProfile: &armcontainerservice.ManagedClusterPodIdentityProfile{
// AllowNetworkPluginKubenet: to.Ptr(true),
// Enabled: to.Ptr(true),
// },
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PodIdentity.json
*/
async function createManagedClusterWithPodIdentityEnabled() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
podIdentityProfile: { allowNetworkPluginKubenet: true, enabled: true },
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"podIdentityProfile": {
"enabled": true,
"allowNetworkPluginKubenet": true
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"podIdentityProfile": {
"enabled": true,
"allowNetworkPluginKubenet": true
}
}
}
Create Managed Cluster with PPG
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"proximityPlacementGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_PPG.json
*/
/**
* Sample code: Create Managed Cluster with PPG.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithPPG(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true)
.withProximityPlacementGroupId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1")
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_ppg.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"proximityPlacementGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PPG.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PPG.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithPpg() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
ProximityPlacementGroupID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1"),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// ProximityPlacementGroupID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PPG.json
*/
async function createManagedClusterWithPpg() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
proximityPlacementGroupID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"proximityPlacementGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"proximityPlacementGroupID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/proximityPlacementGroups/ppg1"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with RunCommand disabled
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"apiServerAccessProfile": {
"disableRunCommand": true
},
"addonProfiles": {},
"enableRBAC": true,
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterApiServerAccessProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_DisableRunCommand.json
*/
/**
* Sample code: Create Managed Cluster with RunCommand disabled.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithRunCommandDisabled(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableEncryptionAtHost(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withApiServerAccessProfile(new ManagedClusterApiServerAccessProfile().withDisableRunCommand(true)),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_disable_run_command.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableEncryptionAtHost": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"apiServerAccessProfile": {"disableRunCommand": True},
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DisableRunCommand.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DisableRunCommand.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithRunCommandDisabled() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableEncryptionAtHost: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
DisableRunCommand: to.Ptr(true),
},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
// DisableRunCommand: to.Ptr(true),
// },
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-ee788a1f.hcp.location1.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// PrivateFQDN: to.Ptr("dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// SupportPlan: to.Ptr(armcontainerservice.KubernetesSupportPlanKubernetesOfficial),
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DisableRunCommand.json
*/
async function createManagedClusterWithRunCommandDisabled() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableEncryptionAtHost: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
apiServerAccessProfile: { disableRunCommand: true },
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"disableRunCommand": true
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-ee788a1f.hcp.location1.azmk8s.io",
"privateFQDN": "dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"supportPlan": "KubernetesOfficial"
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"disableRunCommand": true
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"fqdn": "dnsprefix1-ee788a1f.hcp.location1.azmk8s.io",
"privateFQDN": "dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"supportPlan": "KubernetesOfficial"
}
}
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"securityProfile": {
"defender": {
"logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
"securityMonitoring": {
"enabled": true
}
},
"workloadIdentity": {
"enabled": true
}
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSecurityProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSecurityProfileDefender;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSecurityProfileDefenderSecurityMonitoring;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSecurityProfileWorkloadIdentity;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_SecurityProfile.json
*/
/**
* Sample code: Create Managed Cluster with Security Profile configured.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedClusterWithSecurityProfileConfigured(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withSecurityProfile(new ManagedClusterSecurityProfile()
.withDefender(new ManagedClusterSecurityProfileDefender().withLogAnalyticsWorkspaceResourceId(
"/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME")
.withSecurityMonitoring(
new ManagedClusterSecurityProfileDefenderSecurityMonitoring().withEnabled(true)))
.withWorkloadIdentity(new ManagedClusterSecurityProfileWorkloadIdentity().withEnabled(true))),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_security_profile.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"dnsPrefix": "dnsprefix1",
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"securityProfile": {
"defender": {
"logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
"securityMonitoring": {"enabled": True},
},
"workloadIdentity": {"enabled": True},
},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_SecurityProfile.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_SecurityProfile.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithSecurityProfileConfigured() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
DNSPrefix: to.Ptr("dnsprefix1"),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
SecurityProfile: &armcontainerservice.ManagedClusterSecurityProfile{
Defender: &armcontainerservice.ManagedClusterSecurityProfileDefender{
LogAnalyticsWorkspaceResourceID: to.Ptr("/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME"),
SecurityMonitoring: &armcontainerservice.ManagedClusterSecurityProfileDefenderSecurityMonitoring{
Enabled: to.Ptr(true),
},
},
WorkloadIdentity: &armcontainerservice.ManagedClusterSecurityProfileWorkloadIdentity{
Enabled: to.Ptr(true),
},
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// SecurityProfile: &armcontainerservice.ManagedClusterSecurityProfile{
// Defender: &armcontainerservice.ManagedClusterSecurityProfileDefender{
// LogAnalyticsWorkspaceResourceID: to.Ptr("/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME"),
// SecurityMonitoring: &armcontainerservice.ManagedClusterSecurityProfileDefenderSecurityMonitoring{
// Enabled: to.Ptr(true),
// },
// },
// WorkloadIdentity: &armcontainerservice.ManagedClusterSecurityProfileWorkloadIdentity{
// Enabled: to.Ptr(true),
// },
// },
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_SecurityProfile.json
*/
async function createManagedClusterWithSecurityProfileConfigured() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
dnsPrefix: "dnsprefix1",
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
securityProfile: {
defender: {
logAnalyticsWorkspaceResourceId:
"/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
securityMonitoring: { enabled: true },
},
workloadIdentity: { enabled: true },
},
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"securityProfile": {
"defender": {
"logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
"securityMonitoring": {
"enabled": true
}
},
"workloadIdentity": {
"enabled": true
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"securityProfile": {
"defender": {
"logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
"securityMonitoring": {
"enabled": true
}
},
"workloadIdentity": {
"enabled": true
}
}
}
}
Create Managed Cluster with UltraSSD enabled
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableUltraSSD": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_EnableUltraSSD.json
*/
/**
* Sample code: Create Managed Cluster with UltraSSD enabled.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithUltraSSDEnabled(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableUltraSsd(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_enable_ultra_ssd.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"enableUltraSSD": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnableUltraSSD.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnableUltraSSD.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithUltraSsdEnabled() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
EnableUltraSSD: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// EnableUltraSSD: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_EnableUltraSSD.json
*/
async function createManagedClusterWithUltraSsdEnabled() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
enableUltraSSD: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableUltraSSD": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableUltraSSD": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Cluster with user-assigned NAT gateway as outbound type
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": false,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "userAssignedNATGateway"
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_UserAssignedNATGateway.json
*/
/**
* Sample code: Create Managed Cluster with user-assigned NAT gateway as outbound type.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithUserAssignedNATGatewayAsOutboundType(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(false).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(
new ContainerServiceNetworkProfile().withOutboundType(OutboundType.USER_ASSIGNED_NATGATEWAY)
.withLoadBalancerSku(LoadBalancerSku.STANDARD))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_user_assigned_nat_gateway.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": False,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {"loadBalancerSku": "standard", "outboundType": "userAssignedNATGateway"},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UserAssignedNATGateway.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UserAssignedNATGateway.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithUserAssignedNatGatewayAsOutboundType() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(false),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeUserAssignedNATGateway),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(false),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeUserAssignedNATGateway),
// PodCidr: to.Ptr("10.244.0.0/16"),
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UserAssignedNATGateway.json
*/
async function createManagedClusterWithUserAssignedNatGatewayAsOutboundType() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: false,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerSku: "standard",
outboundType: "userAssignedNATGateway",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": false,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "userAssignedNATGateway"
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": false,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "userAssignedNATGateway"
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"ingressProfile": {
"webAppRouting": {
"enabled": true,
"dnsZoneResourceIds": [
"/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME"
]
}
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterIngressProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterIngressProfileWebAppRouting;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_IngressProfile_WebAppRouting.json
*/
/**
* Sample code: Create Managed Cluster with Web App Routing Ingress Profile configured.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createManagedClusterWithWebAppRoutingIngressProfileConfigured(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withIngressProfile(new ManagedClusterIngressProfile()
.withWebAppRouting(new ManagedClusterIngressProfileWebAppRouting().withEnabled(true)
.withDnsZoneResourceIds(Arrays.asList(
"/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME")))),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_ingress_profile_web_app_routing.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"dnsPrefix": "dnsprefix1",
"ingressProfile": {
"webAppRouting": {
"dnsZoneResourceIds": [
"/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME"
],
"enabled": True,
}
},
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_IngressProfile_WebAppRouting.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_IngressProfile_WebAppRouting.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedClusterWithWebAppRoutingIngressProfileConfigured() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
DNSPrefix: to.Ptr("dnsprefix1"),
IngressProfile: &armcontainerservice.ManagedClusterIngressProfile{
WebAppRouting: &armcontainerservice.ManagedClusterIngressProfileWebAppRouting{
DNSZoneResourceIDs: []*string{
to.Ptr("/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME")},
Enabled: to.Ptr(true),
},
},
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// IngressProfile: &armcontainerservice.ManagedClusterIngressProfile{
// WebAppRouting: &armcontainerservice.ManagedClusterIngressProfileWebAppRouting{
// DNSZoneResourceIDs: []*string{
// to.Ptr("/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME")},
// Enabled: to.Ptr(true),
// },
// },
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_IngressProfile_WebAppRouting.json
*/
async function createManagedClusterWithWebAppRoutingIngressProfileConfigured() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
dnsPrefix: "dnsprefix1",
ingressProfile: {
webAppRouting: {
dnsZoneResourceIds: [
"/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME",
],
enabled: true,
},
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"ingressProfile": {
"webAppRouting": {
"enabled": true,
"dnsZoneResourceIds": [
"/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME"
]
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"ingressProfile": {
"webAppRouting": {
"enabled": true,
"dnsZoneResourceIds": [
"/subscriptions/SUB_ID/resourceGroups/RG_NAME/providers/Microsoft.Network/dnszones/DNS_ZONE_NAME"
]
}
}
}
}
Create Managed Private Cluster with fqdn subdomain specified
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"fqdnSubdomain": "domain1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"apiServerAccessProfile": {
"enablePrivateCluster": true,
"privateDNSZone": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io"
},
"addonProfiles": {},
"enableRBAC": true,
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterApiServerAccessProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_PrivateClusterFQDNSubdomain.json
*/
/**
* Sample code: Create Managed Private Cluster with fqdn subdomain specified.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedPrivateClusterWithFqdnSubdomainSpecified(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withFqdnSubdomain("domain1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableEncryptionAtHost(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withApiServerAccessProfile(
new ManagedClusterApiServerAccessProfile().withEnablePrivateCluster(true).withPrivateDnsZone(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io")),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_private_cluster_fqdn_subdomain.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableEncryptionAtHost": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"apiServerAccessProfile": {
"enablePrivateCluster": True,
"privateDNSZone": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io",
},
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"fqdnSubdomain": "domain1",
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PrivateClusterFQDNSubdomain.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PrivateClusterFQDNSubdomain.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedPrivateClusterWithFqdnSubdomainSpecified() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableEncryptionAtHost: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
EnablePrivateCluster: to.Ptr(true),
PrivateDNSZone: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io"),
},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
FqdnSubdomain: to.Ptr("domain1"),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
// EnablePrivateCluster: to.Ptr(true),
// PrivateDNSZone: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io"),
// },
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// FqdnSubdomain: to.Ptr("domain1"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// PrivateFQDN: to.Ptr("domain1.privatelink.location1.azmk8s.io"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PrivateClusterFQDNSubdomain.json
*/
async function createManagedPrivateClusterWithFqdnSubdomainSpecified() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableEncryptionAtHost: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
apiServerAccessProfile: {
enablePrivateCluster: true,
privateDNSZone:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io",
},
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
enablePodSecurityPolicy: true,
enableRbac: true,
fqdnSubdomain: "domain1",
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"fqdnSubdomain": "domain1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"enablePrivateCluster": true,
"privateDNSZone": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"enablePodSecurityPolicy": true,
"privateFQDN": "domain1.privatelink.location1.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"fqdnSubdomain": "domain1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"enablePrivateCluster": true,
"privateDNSZone": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Network/privateDnsZones/privatelink.location1.azmk8s.io"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"privateFQDN": "domain1.privatelink.location1.azmk8s.io",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create Managed Private Cluster with Public FQDN specified
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"apiServerAccessProfile": {
"enablePrivateCluster": true,
"enablePrivateClusterPublicFQDN": true
},
"addonProfiles": {},
"enableRBAC": true,
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterApiServerAccessProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_PrivateClusterPublicFQDN.json
*/
/**
* Sample code: Create Managed Private Cluster with Public FQDN specified.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createManagedPrivateClusterWithPublicFQDNSpecified(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS2_v2").withOsType(OSType.LINUX)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withEnableNodePublicIp(true).withEnableEncryptionAtHost(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withApiServerAccessProfile(new ManagedClusterApiServerAccessProfile().withEnablePrivateCluster(true)
.withEnablePrivateClusterPublicFqdn(true)),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_private_cluster_public_fqdn.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"count": 3,
"enableEncryptionAtHost": True,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"apiServerAccessProfile": {"enablePrivateCluster": True, "enablePrivateClusterPublicFQDN": True},
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PrivateClusterPublicFQDN.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PrivateClusterPublicFQDN.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createManagedPrivateClusterWithPublicFqdnSpecified() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableEncryptionAtHost: to.Ptr(true),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
EnablePrivateCluster: to.Ptr(true),
EnablePrivateClusterPublicFQDN: to.Ptr(true),
},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// APIServerAccessProfile: &armcontainerservice.ManagedClusterAPIServerAccessProfile{
// EnablePrivateCluster: to.Ptr(true),
// EnablePrivateClusterPublicFQDN: to.Ptr(true),
// PrivateDNSZone: to.Ptr("system"),
// },
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-ee788a1f.hcp.location1.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// PrivateFQDN: to.Ptr("dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_PrivateClusterPublicFQDN.json
*/
async function createManagedPrivateClusterWithPublicFqdnSpecified() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableEncryptionAtHost: true,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
apiServerAccessProfile: {
enablePrivateCluster: true,
enablePrivateClusterPublicFqdn: true,
},
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"enablePrivateCluster": true,
"enablePrivateClusterPublicFQDN": true,
"privateDNSZone": "system"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-ee788a1f.hcp.location1.azmk8s.io",
"privateFQDN": "dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"apiServerAccessProfile": {
"enablePrivateCluster": true,
"enablePrivateClusterPublicFQDN": true,
"privateDNSZone": "system"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"fqdn": "dnsprefix1-ee788a1f.hcp.location1.azmk8s.io",
"privateFQDN": "dnsprefix1-aae7e0f0.5cef6058-b6b5-414d-8cb1-4bd14eb0b15c.privatelink.location1.azmk8s.io",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create/Update AAD Managed Cluster with EnableAzureRBAC
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"aadProfile": {
"managed": true,
"enableAzureRBAC": true
},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAadProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_UpdateWithEnableAzureRBAC.json
*/
/**
* Sample code: Create/Update AAD Managed Cluster with EnableAzureRBAC.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createUpdateAADManagedClusterWithEnableAzureRBAC(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS1_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withAvailabilityZones(Arrays.asList("1", "2", "3"))
.withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAadProfile(new ManagedClusterAadProfile().withManaged(true).withEnableAzureRbac(true))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_update_with_enable_azure_rbac.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"aadProfile": {"enableAzureRBAC": True, "managed": True},
"addonProfiles": {},
"agentPoolProfiles": [
{
"availabilityZones": ["1", "2", "3"],
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS1_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWithEnableAzureRBAC.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWithEnableAzureRBAC.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createUpdateAadManagedClusterWithEnableAzureRbac() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AADProfile: &armcontainerservice.ManagedClusterAADProfile{
EnableAzureRBAC: to.Ptr(true),
Managed: to.Ptr(true),
},
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
AvailabilityZones: []*string{
to.Ptr("1"),
to.Ptr("2"),
to.Ptr("3")},
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS1_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AADProfile: &armcontainerservice.ManagedClusterAADProfile{
// EnableAzureRBAC: to.Ptr(true),
// Managed: to.Ptr(true),
// TenantID: to.Ptr("tenantID"),
// },
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// AvailabilityZones: []*string{
// to.Ptr("1"),
// to.Ptr("2"),
// to.Ptr("3")},
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS1_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWithEnableAzureRBAC.json
*/
async function createOrUpdateAadManagedClusterWithEnableAzureRbac() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
aadProfile: { enableAzureRbac: true, managed: true },
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
availabilityZones: ["1", "2", "3"],
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS1_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"aadProfile": {
"managed": true,
"adminGroupObjectIDs": null,
"enableAzureRBAC": true,
"tenantID": "tenantID"
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"aadProfile": {
"managed": true,
"adminGroupObjectIDs": null,
"enableAzureRBAC": true,
"tenantID": "tenantID"
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
}
}
Create/Update Managed Cluster
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"scaleDownMode": "Deallocate",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"upgradeSettings": {
"overrideSettings": {
"forceUpgrade": false,
"until": "2022-11-01T13:00:00Z"
}
},
"autoScalerProfile": {
"balance-similar-node-groups": "true",
"expander": "priority",
"max-node-provision-time": "15m",
"new-pod-scale-up-delay": "1m",
"scale-down-delay-after-add": "15m",
"scan-interval": "20s",
"skip-nodes-with-system-pods": "false"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ClusterUpgradeSettings;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.Expander;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterIdentity;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.ManagedServiceIdentityUserAssignedIdentitiesValue;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import com.azure.resourcemanager.containerservice.models.ResourceIdentityType;
import com.azure.resourcemanager.containerservice.models.ScaleDownMode;
import com.azure.resourcemanager.containerservice.models.UpgradeOverrideSettings;
import java.time.OffsetDateTime;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_Update.json
*/
/**
* Sample code: Create/Update Managed Cluster.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createUpdateManagedCluster(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku().withName(ManagedClusterSkuName.fromString("Basic"))
.withTier(ManagedClusterSkuTier.FREE))
.withIdentity(new ManagedClusterIdentity().withType(ResourceIdentityType.USER_ASSIGNED)
.withUserAssignedIdentities(mapOf(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1",
new ManagedServiceIdentityUserAssignedIdentitiesValue())))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS1_v2").withOsType(OSType.LINUX).withScaleDownMode(ScaleDownMode.DEALLOCATE)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withAvailabilityZones(Arrays.asList("1", "2", "3")).withEnableNodePublicIp(true)
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withUpgradeSettings(new ClusterUpgradeSettings().withOverrideSettings(new UpgradeOverrideSettings()
.withForceUpgrade(false).withUntil(OffsetDateTime.parse("2022-11-01T13:00:00Z"))))
.withAutoScalerProfile(
new ManagedClusterPropertiesAutoScalerProfile().withBalanceSimilarNodeGroups("true")
.withExpander(Expander.PRIORITY).withMaxNodeProvisionTime("15m").withNewPodScaleUpDelay("1m")
.withScanInterval("20s").withScaleDownDelayAfterAdd("15m").withSkipNodesWithSystemPods("false"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_update.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
},
},
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"availabilityZones": ["1", "2", "3"],
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"scaleDownMode": "Deallocate",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS1_v2",
}
],
"autoScalerProfile": {
"balance-similar-node-groups": "true",
"expander": "priority",
"max-node-provision-time": "15m",
"new-pod-scale-up-delay": "1m",
"scale-down-delay-after-add": "15m",
"scan-interval": "20s",
"skip-nodes-with-system-pods": "false",
},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"upgradeSettings": {"overrideSettings": {"forceUpgrade": False, "until": "2022-11-01T13:00:00Z"}},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Update.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"time"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Update.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createUpdateManagedCluster() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Identity: &armcontainerservice.ManagedClusterIdentity{
Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {},
},
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
AvailabilityZones: []*string{
to.Ptr("1"),
to.Ptr("2"),
to.Ptr("3")},
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
ScaleDownMode: to.Ptr(armcontainerservice.ScaleDownModeDeallocate),
VMSize: to.Ptr("Standard_DS1_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
BalanceSimilarNodeGroups: to.Ptr("true"),
Expander: to.Ptr(armcontainerservice.ExpanderPriority),
MaxNodeProvisionTime: to.Ptr("15m"),
NewPodScaleUpDelay: to.Ptr("1m"),
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
SkipNodesWithSystemPods: to.Ptr("false"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
UpgradeSettings: &armcontainerservice.ClusterUpgradeSettings{
OverrideSettings: &armcontainerservice.UpgradeOverrideSettings{
ForceUpgrade: to.Ptr(false),
Until: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-01T13:00:00.000Z"); return t }()),
},
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Identity: &armcontainerservice.ManagedClusterIdentity{
// Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
// UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": &armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// ClientID: to.Ptr("clientId1"),
// PrincipalID: to.Ptr("principalId1"),
// },
// },
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// AvailabilityZones: []*string{
// to.Ptr("1"),
// to.Ptr("2"),
// to.Ptr("3")},
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// ScaleDownMode: to.Ptr(armcontainerservice.ScaleDownModeDeallocate),
// VMSize: to.Ptr("Standard_DS1_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// BalanceSimilarNodeGroups: to.Ptr("true"),
// Expander: to.Ptr(armcontainerservice.ExpanderPriority),
// MaxNodeProvisionTime: to.Ptr("15m"),
// NewPodScaleUpDelay: to.Ptr("1m"),
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// SkipNodesWithSystemPods: to.Ptr("false"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// UpgradeSettings: &armcontainerservice.ClusterUpgradeSettings{
// OverrideSettings: &armcontainerservice.UpgradeOverrideSettings{
// ForceUpgrade: to.Ptr(false),
// Until: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2022-11-01T13:00:00.000Z"); return t}()),
// },
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_Update.json
*/
async function createOrUpdateManagedCluster() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
availabilityZones: ["1", "2", "3"],
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
scaleDownMode: "Deallocate",
vmSize: "Standard_DS1_v2",
},
],
autoScalerProfile: {
balanceSimilarNodeGroups: "true",
expander: "priority",
maxNodeProvisionTime: "15m",
newPodScaleUpDelay: "1m",
scaleDownDelayAfterAdd: "15m",
scanInterval: "20s",
skipNodesWithSystemPods: "false",
},
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
identity: {
type: "UserAssigned",
userAssignedIdentities: {
"/subscriptions/00000000000000000000000000000000/resourcegroups/rgName1/providers/MicrosoftManagedIdentity/userAssignedIdentities/identity1":
{},
},
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
upgradeSettings: {
overrideSettings: {
forceUpgrade: false,
until: new Date("2022-11-01T13:00:00Z"),
},
},
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"scaleDownMode": "Deallocate",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"upgradeSettings": {
"overrideSettings": {
"forceUpgrade": false,
"until": "2022-11-01T13:00:00Z"
}
},
"autoScalerProfile": {
"balance-similar-node-groups": "true",
"expander": "priority",
"max-node-provision-time": "15m",
"new-pod-scale-up-delay": "1m",
"scale-down-delay-after-add": "15m",
"scan-interval": "20s",
"skip-nodes-with-system-pods": "false"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"scaleDownMode": "Deallocate",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
Create/Update Managed Cluster with Azure Service Mesh
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"serviceMeshProfile": {
"mode": "Istio",
"istio": {
"components": {
"ingressGateways": [
{
"enabled": true,
"mode": "Internal"
}
],
"egressGateways": [
{
"enabled": true
}
]
},
"certificateAuthority": {
"plugin": {
"keyVaultId": "/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv",
"certObjectName": "ca-cert",
"keyObjectName": "ca-key",
"rootCertObjectName": "root-cert",
"certChainObjectName": "cert-chain"
}
}
}
},
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"enabled": true,
"config": {
"enableSecretRotation": "true",
"rotationPollInterval": "2m"
}
}
},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.IstioCertificateAuthority;
import com.azure.resourcemanager.containerservice.models.IstioComponents;
import com.azure.resourcemanager.containerservice.models.IstioEgressGateway;
import com.azure.resourcemanager.containerservice.models.IstioIngressGateway;
import com.azure.resourcemanager.containerservice.models.IstioIngressGatewayMode;
import com.azure.resourcemanager.containerservice.models.IstioPluginCertificateAuthority;
import com.azure.resourcemanager.containerservice.models.IstioServiceMesh;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAddonProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import com.azure.resourcemanager.containerservice.models.ServiceMeshMode;
import com.azure.resourcemanager.containerservice.models.ServiceMeshProfile;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_AzureServiceMesh.json
*/
/**
* Sample code: Create/Update Managed Cluster with Azure Service Mesh.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createUpdateManagedClusterWithAzureServiceMesh(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku()
.withName(ManagedClusterSkuName.fromString("Basic")).withTier(ManagedClusterSkuTier.FREE))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS2_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf("azureKeyvaultSecretsProvider",
new ManagedClusterAddonProfile().withEnabled(true).withConfig(
mapOf("enableSecretRotation", "fakeTokenPlaceholder", "rotationPollInterval", "2m"))))
.withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des")
.withServiceMeshProfile(
new ServiceMeshProfile().withMode(ServiceMeshMode.ISTIO)
.withIstio(new IstioServiceMesh()
.withComponents(new IstioComponents()
.withIngressGateways(Arrays.asList(new IstioIngressGateway()
.withMode(IstioIngressGatewayMode.INTERNAL).withEnabled(true)))
.withEgressGateways(Arrays.asList(new IstioEgressGateway().withEnabled(true))))
.withCertificateAuthority(new IstioCertificateAuthority()
.withPlugin(new IstioPluginCertificateAuthority().withKeyVaultId("fakeTokenPlaceholder")
.withCertObjectName("ca-cert").withKeyObjectName("fakeTokenPlaceholder")
.withRootCertObjectName("root-cert").withCertChainObjectName("cert-chain"))))),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_azure_service_mesh.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"location": "location1",
"properties": {
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"config": {"enableSecretRotation": "true", "rotationPollInterval": "2m"},
"enabled": True,
}
},
"agentPoolProfiles": [
{
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS2_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"serviceMeshProfile": {
"istio": {
"certificateAuthority": {
"plugin": {
"certChainObjectName": "cert-chain",
"certObjectName": "ca-cert",
"keyObjectName": "ca-key",
"keyVaultId": "/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv",
"rootCertObjectName": "root-cert",
}
},
"components": {
"egressGateways": [{"enabled": True}],
"ingressGateways": [{"enabled": True, "mode": "Internal"}],
},
},
"mode": "Istio",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_AzureServiceMesh.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_AzureServiceMesh.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createUpdateManagedClusterWithAzureServiceMesh() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{
"azureKeyvaultSecretsProvider": {
Config: map[string]*string{
"enableSecretRotation": to.Ptr("true"),
"rotationPollInterval": to.Ptr("2m"),
},
Enabled: to.Ptr(true),
},
},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS2_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServiceMeshProfile: &armcontainerservice.ServiceMeshProfile{
Istio: &armcontainerservice.IstioServiceMesh{
CertificateAuthority: &armcontainerservice.IstioCertificateAuthority{
Plugin: &armcontainerservice.IstioPluginCertificateAuthority{
CertChainObjectName: to.Ptr("cert-chain"),
CertObjectName: to.Ptr("ca-cert"),
KeyObjectName: to.Ptr("ca-key"),
KeyVaultID: to.Ptr("/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv"),
RootCertObjectName: to.Ptr("root-cert"),
},
},
Components: &armcontainerservice.IstioComponents{
EgressGateways: []*armcontainerservice.IstioEgressGateway{
{
Enabled: to.Ptr(true),
}},
IngressGateways: []*armcontainerservice.IstioIngressGateway{
{
Enabled: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.IstioIngressGatewayModeInternal),
}},
},
},
Mode: to.Ptr(armcontainerservice.ServiceMeshModeIstio),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{
// "azureKeyvaultSecretsProvider": &armcontainerservice.ManagedClusterAddonProfile{
// Config: map[string]*string{
// "enableSecretRotation": to.Ptr("true"),
// "rotationPollInterval": to.Ptr("2m"),
// },
// Enabled: to.Ptr(true),
// },
// },
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// Count: to.Ptr[int32](3),
// EnableEncryptionAtHost: to.Ptr(true),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS2_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServiceMeshProfile: &armcontainerservice.ServiceMeshProfile{
// Istio: &armcontainerservice.IstioServiceMesh{
// CertificateAuthority: &armcontainerservice.IstioCertificateAuthority{
// Plugin: &armcontainerservice.IstioPluginCertificateAuthority{
// CertChainObjectName: to.Ptr("cert-chain"),
// CertObjectName: to.Ptr("ca-cert"),
// KeyObjectName: to.Ptr("ca-key"),
// KeyVaultID: to.Ptr("/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv"),
// RootCertObjectName: to.Ptr("root-cert"),
// },
// },
// Components: &armcontainerservice.IstioComponents{
// EgressGateways: []*armcontainerservice.IstioEgressGateway{
// {
// Enabled: to.Ptr(true),
// }},
// IngressGateways: []*armcontainerservice.IstioIngressGateway{
// {
// Enabled: to.Ptr(true),
// Mode: to.Ptr(armcontainerservice.IstioIngressGatewayModeInternal),
// }},
// },
// Revisions: []*string{
// to.Ptr("asm-1-17")},
// },
// Mode: to.Ptr(armcontainerservice.ServiceMeshModeIstio),
// },
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_AzureServiceMesh.json
*/
async function createOrUpdateManagedClusterWithAzureServiceMesh() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {
azureKeyvaultSecretsProvider: {
config: { enableSecretRotation: "true", rotationPollInterval: "2m" },
enabled: true,
},
},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS2_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
serviceMeshProfile: {
istio: {
certificateAuthority: {
plugin: {
certChainObjectName: "cert-chain",
certObjectName: "ca-cert",
keyObjectName: "ca-key",
keyVaultId:
"/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv",
rootCertObjectName: "root-cert",
},
},
components: {
egressGateways: [{ enabled: true }],
ingressGateways: [{ enabled: true, mode: "Internal" }],
},
},
mode: "Istio",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"enabled": true,
"config": {
"enableSecretRotation": "true",
"rotationPollInterval": "2m"
}
}
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"serviceMeshProfile": {
"mode": "Istio",
"istio": {
"components": {
"ingressGateways": [
{
"enabled": true,
"mode": "Internal"
}
],
"egressGateways": [
{
"enabled": true
}
]
},
"certificateAuthority": {
"plugin": {
"keyVaultId": "/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv",
"certObjectName": "ca-cert",
"keyObjectName": "ca-key",
"rootCertObjectName": "root-cert",
"certChainObjectName": "cert-chain"
}
},
"revisions": [
"asm-1-17"
]
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS2_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"enableNodePublicIP": true,
"mode": "System",
"enableEncryptionAtHost": true
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"addonProfiles": {
"azureKeyvaultSecretsProvider": {
"enabled": true,
"config": {
"enableSecretRotation": "true",
"rotationPollInterval": "2m"
}
}
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"serviceMeshProfile": {
"mode": "Istio",
"istio": {
"components": {
"ingressGateways": [
{
"enabled": true,
"mode": "Internal"
}
],
"egressGateways": [
{
"enabled": true
}
]
},
"certificateAuthority": {
"plugin": {
"keyVaultId": "/subscriptions/854c9ddb-fe9e-4aea-8d58-99ed88282881/resourceGroups/ddama-test/providers/Microsoft.KeyVault/vaults/my-akv",
"certObjectName": "ca-cert",
"keyObjectName": "ca-key",
"rootCertObjectName": "root-cert",
"certChainObjectName": "cert-chain"
}
},
"revisions": [
"asm-1-17"
]
}
}
}
}
Create/Update Managed Cluster with dual-stack networking
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"scaleDownMode": "Deallocate",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
},
"ipFamilies": [
"IPv4",
"IPv6"
]
},
"autoScalerProfile": {
"balance-similar-node-groups": "true",
"expander": "priority",
"max-node-provision-time": "15m",
"new-pod-scale-up-delay": "1m",
"scale-down-delay-after-add": "15m",
"scan-interval": "20s",
"skip-nodes-with-system-pods": "false"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.Expander;
import com.azure.resourcemanager.containerservice.models.IpFamily;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterIdentity;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.ManagedServiceIdentityUserAssignedIdentitiesValue;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import com.azure.resourcemanager.containerservice.models.ResourceIdentityType;
import com.azure.resourcemanager.containerservice.models.ScaleDownMode;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_DualStackNetworking.json
*/
/**
* Sample code: Create/Update Managed Cluster with dual-stack networking.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createUpdateManagedClusterWithDualStackNetworking(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku().withName(ManagedClusterSkuName.fromString("Basic"))
.withTier(ManagedClusterSkuTier.FREE))
.withIdentity(new ManagedClusterIdentity().withType(ResourceIdentityType.USER_ASSIGNED)
.withUserAssignedIdentities(mapOf(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1",
new ManagedServiceIdentityUserAssignedIdentitiesValue())))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3)
.withVmSize("Standard_DS1_v2").withOsType(OSType.LINUX).withScaleDownMode(ScaleDownMode.DEALLOCATE)
.withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS).withMode(AgentPoolMode.SYSTEM)
.withAvailabilityZones(Arrays.asList("1", "2", "3")).withEnableNodePublicIp(true)
.withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder"))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile()
.withManagedOutboundIPs(new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2)))
.withIpFamilies(Arrays.asList(IpFamily.IPV4, IpFamily.IPV6)))
.withAutoScalerProfile(
new ManagedClusterPropertiesAutoScalerProfile().withBalanceSimilarNodeGroups("true")
.withExpander(Expander.PRIORITY).withMaxNodeProvisionTime("15m").withNewPodScaleUpDelay("1m")
.withScanInterval("20s").withScaleDownDelayAfterAdd("15m").withSkipNodesWithSystemPods("false"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_dual_stack_networking.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
},
},
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"availabilityZones": ["1", "2", "3"],
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"scaleDownMode": "Deallocate",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS1_v2",
}
],
"autoScalerProfile": {
"balance-similar-node-groups": "true",
"expander": "priority",
"max-node-provision-time": "15m",
"new-pod-scale-up-delay": "1m",
"scale-down-delay-after-add": "15m",
"scan-interval": "20s",
"skip-nodes-with-system-pods": "false",
},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"ipFamilies": ["IPv4", "IPv6"],
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {"adminPassword": "replacePassword1234$", "adminUsername": "azureuser"},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DualStackNetworking.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DualStackNetworking.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createUpdateManagedClusterWithDualStackNetworking() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Identity: &armcontainerservice.ManagedClusterIdentity{
Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {},
},
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
AvailabilityZones: []*string{
to.Ptr("1"),
to.Ptr("2"),
to.Ptr("3")},
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
ScaleDownMode: to.Ptr(armcontainerservice.ScaleDownModeDeallocate),
VMSize: to.Ptr("Standard_DS1_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
BalanceSimilarNodeGroups: to.Ptr("true"),
Expander: to.Ptr(armcontainerservice.ExpanderPriority),
MaxNodeProvisionTime: to.Ptr("15m"),
NewPodScaleUpDelay: to.Ptr("1m"),
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
SkipNodesWithSystemPods: to.Ptr("false"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
IPFamilies: []*armcontainerservice.IPFamily{
to.Ptr(armcontainerservice.IPFamilyIPv4),
to.Ptr(armcontainerservice.IPFamilyIPv6)},
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Identity: &armcontainerservice.ManagedClusterIdentity{
// Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
// UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": &armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// ClientID: to.Ptr("clientId1"),
// PrincipalID: to.Ptr("principalId1"),
// },
// },
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// AvailabilityZones: []*string{
// to.Ptr("1"),
// to.Ptr("2"),
// to.Ptr("3")},
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.22.1"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.22.1"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// ScaleDownMode: to.Ptr(armcontainerservice.ScaleDownModeDeallocate),
// VMSize: to.Ptr("Standard_DS1_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// BalanceSimilarNodeGroups: to.Ptr("true"),
// Expander: to.Ptr(armcontainerservice.ExpanderPriority),
// MaxNodeProvisionTime: to.Ptr("15m"),
// NewPodScaleUpDelay: to.Ptr("1m"),
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// SkipNodesWithSystemPods: to.Ptr("false"),
// },
// CurrentKubernetesVersion: to.Ptr("1.22.1"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.22.1"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4),
// to.Ptr(armcontainerservice.IPFamilyIPv6)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip3-ipv6"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// CountIPv6: to.Ptr[int32](1),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16"),
// to.Ptr("fd11:1234::/64")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16"),
// to.Ptr("fd00:1234::/108")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_DualStackNetworking.json
*/
async function createOrUpdateManagedClusterWithDualStackNetworking() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
availabilityZones: ["1", "2", "3"],
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
scaleDownMode: "Deallocate",
vmSize: "Standard_DS1_v2",
},
],
autoScalerProfile: {
balanceSimilarNodeGroups: "true",
expander: "priority",
maxNodeProvisionTime: "15m",
newPodScaleUpDelay: "1m",
scaleDownDelayAfterAdd: "15m",
scanInterval: "20s",
skipNodesWithSystemPods: "false",
},
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
identity: {
type: "UserAssigned",
userAssignedIdentities: {
"/subscriptions/00000000000000000000000000000000/resourcegroups/rgName1/providers/MicrosoftManagedIdentity/userAssignedIdentities/identity1":
{},
},
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
ipFamilies: ["IPv4", "IPv6"],
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.22.1",
"currentKubernetesVersion": "1.22.1",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.22.1",
"currentOrchestratorVersion": "1.22.1",
"type": "VirtualMachineScaleSets",
"scaleDownMode": "Deallocate",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16",
"fd11:1234::/64"
],
"serviceCidrs": [
"10.0.0.0/16",
"fd00:1234::/108"
],
"ipFamilies": [
"IPv4",
"IPv6"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2,
"countIPv6": 1
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip3-ipv6"
}
]
}
},
"autoScalerProfile": {
"balance-similar-node-groups": "true",
"expander": "priority",
"max-node-provision-time": "15m",
"new-pod-scale-up-delay": "1m",
"scale-down-delay-after-add": "15m",
"scan-interval": "20s",
"skip-nodes-with-system-pods": "false"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.22.1",
"currentKubernetesVersion": "1.22.1",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.22.1",
"currentOrchestratorVersion": "1.22.1",
"type": "VirtualMachineScaleSets",
"scaleDownMode": "Deallocate",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16",
"fd11:1234::/64"
],
"serviceCidrs": [
"10.0.0.0/16",
"fd00:1234::/108"
],
"ipFamilies": [
"IPv4",
"IPv6"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2,
"countIPv6": 1
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip3-ipv6"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
Create/Update Managed Cluster with EnableAHUB
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$",
"licenseType": "Windows_Server"
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LicenseType;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterIdentity;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.ManagedServiceIdentityUserAssignedIdentitiesValue;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import com.azure.resourcemanager.containerservice.models.ResourceIdentityType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_UpdateWithAHUB.json
*/
/**
* Sample code: Create/Update Managed Cluster with EnableAHUB.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void createUpdateManagedClusterWithEnableAHUB(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku().withName(ManagedClusterSkuName.fromString("Basic"))
.withTier(ManagedClusterSkuTier.FREE))
.withIdentity(new ManagedClusterIdentity().withType(ResourceIdentityType.USER_ASSIGNED)
.withUserAssignedIdentities(mapOf(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1",
new ManagedServiceIdentityUserAssignedIdentitiesValue())))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS1_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withAvailabilityZones(Arrays.asList("1", "2", "3"))
.withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder").withLicenseType(LicenseType.WINDOWS_SERVER))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_update_with_ahub.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
},
},
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"availabilityZones": ["1", "2", "3"],
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS1_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {
"adminPassword": "replacePassword1234$",
"adminUsername": "azureuser",
"licenseType": "Windows_Server",
},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWithAHUB.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWithAHUB.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createUpdateManagedClusterWithEnableAhub() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Identity: &armcontainerservice.ManagedClusterIdentity{
Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {},
},
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
AvailabilityZones: []*string{
to.Ptr("1"),
to.Ptr("2"),
to.Ptr("3")},
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS1_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
LicenseType: to.Ptr(armcontainerservice.LicenseTypeWindowsServer),
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Identity: &armcontainerservice.ManagedClusterIdentity{
// Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
// UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": &armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// ClientID: to.Ptr("clientId1"),
// PrincipalID: to.Ptr("principalId1"),
// },
// },
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// AvailabilityZones: []*string{
// to.Ptr("1"),
// to.Ptr("2"),
// to.Ptr("3")},
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS1_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// LicenseType: to.Ptr(armcontainerservice.LicenseTypeWindowsServer),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWithAHUB.json
*/
async function createOrUpdateManagedClusterWithEnableAhub() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
availabilityZones: ["1", "2", "3"],
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS1_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
identity: {
type: "UserAssigned",
userAssignedIdentities: {
"/subscriptions/00000000000000000000000000000000/resourcegroups/rgName1/providers/MicrosoftManagedIdentity/userAssignedIdentities/identity1":
{},
},
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
licenseType: "Windows_Server",
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser",
"licenseType": "Windows_Server"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser",
"licenseType": "Windows_Server"
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
Create/Update Managed Cluster with Windows gMSA enabled
Przykładowe żądanie
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1?api-version=2024-09-01
{
"location": "location1",
"tags": {
"tier": "production",
"archv2": ""
},
"sku": {
"name": "Basic",
"tier": "Free"
},
"properties": {
"kubernetesVersion": "",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"networkProfile": {
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"loadBalancerProfile": {
"managedOutboundIPs": {
"count": 2
}
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
},
"windowsProfile": {
"adminUsername": "azureuser",
"adminPassword": "replacePassword1234$",
"gmsaProfile": {
"enabled": true
}
},
"servicePrincipalProfile": {
"clientId": "clientid",
"secret": "secret"
},
"addonProfiles": {},
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
}
}
}
import com.azure.resourcemanager.containerservice.fluent.models.ManagedClusterInner;
import com.azure.resourcemanager.containerservice.models.AgentPoolMode;
import com.azure.resourcemanager.containerservice.models.AgentPoolType;
import com.azure.resourcemanager.containerservice.models.ContainerServiceLinuxProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceNetworkProfile;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshConfiguration;
import com.azure.resourcemanager.containerservice.models.ContainerServiceSshPublicKey;
import com.azure.resourcemanager.containerservice.models.LoadBalancerSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterAgentPoolProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterIdentity;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterLoadBalancerProfileManagedOutboundIPs;
import com.azure.resourcemanager.containerservice.models.ManagedClusterPropertiesAutoScalerProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterServicePrincipalProfile;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSku;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuName;
import com.azure.resourcemanager.containerservice.models.ManagedClusterSkuTier;
import com.azure.resourcemanager.containerservice.models.ManagedClusterWindowsProfile;
import com.azure.resourcemanager.containerservice.models.ManagedServiceIdentityUserAssignedIdentitiesValue;
import com.azure.resourcemanager.containerservice.models.OSType;
import com.azure.resourcemanager.containerservice.models.OutboundType;
import com.azure.resourcemanager.containerservice.models.ResourceIdentityType;
import com.azure.resourcemanager.containerservice.models.WindowsGmsaProfile;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for ManagedClusters CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/
* ManagedClustersCreate_UpdateWindowsGmsa.json
*/
/**
* Sample code: Create/Update Managed Cluster with Windows gMSA enabled.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
createUpdateManagedClusterWithWindowsGMSAEnabled(com.azure.resourcemanager.AzureResourceManager azure) {
azure.kubernetesClusters().manager().serviceClient().getManagedClusters().createOrUpdate("rg1", "clustername1",
new ManagedClusterInner().withLocation("location1").withTags(mapOf("archv2", "", "tier", "production"))
.withSku(new ManagedClusterSku().withName(ManagedClusterSkuName.fromString("Basic"))
.withTier(ManagedClusterSkuTier.FREE))
.withIdentity(new ManagedClusterIdentity().withType(ResourceIdentityType.USER_ASSIGNED)
.withUserAssignedIdentities(mapOf(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1",
new ManagedServiceIdentityUserAssignedIdentitiesValue())))
.withKubernetesVersion("").withDnsPrefix("dnsprefix1")
.withAgentPoolProfiles(
Arrays.asList(new ManagedClusterAgentPoolProfile().withCount(3).withVmSize("Standard_DS1_v2")
.withOsType(OSType.LINUX).withType(AgentPoolType.VIRTUAL_MACHINE_SCALE_SETS)
.withMode(AgentPoolMode.SYSTEM).withAvailabilityZones(Arrays.asList("1", "2", "3"))
.withEnableNodePublicIp(true).withName("nodepool1")))
.withLinuxProfile(new ContainerServiceLinuxProfile().withAdminUsername("azureuser")
.withSsh(new ContainerServiceSshConfiguration().withPublicKeys(
Arrays.asList(new ContainerServiceSshPublicKey().withKeyData("fakeTokenPlaceholder")))))
.withWindowsProfile(new ManagedClusterWindowsProfile().withAdminUsername("azureuser")
.withAdminPassword("fakeTokenPlaceholder")
.withGmsaProfile(new WindowsGmsaProfile().withEnabled(true)))
.withServicePrincipalProfile(new ManagedClusterServicePrincipalProfile().withClientId("clientid")
.withSecret("fakeTokenPlaceholder"))
.withAddonProfiles(mapOf()).withEnableRbac(true).withEnablePodSecurityPolicy(true)
.withNetworkProfile(new ContainerServiceNetworkProfile().withOutboundType(OutboundType.LOAD_BALANCER)
.withLoadBalancerSku(LoadBalancerSku.STANDARD)
.withLoadBalancerProfile(new ManagedClusterLoadBalancerProfile().withManagedOutboundIPs(
new ManagedClusterLoadBalancerProfileManagedOutboundIPs().withCount(2))))
.withAutoScalerProfile(new ManagedClusterPropertiesAutoScalerProfile().withScanInterval("20s")
.withScaleDownDelayAfterAdd("15m"))
.withDiskEncryptionSetId(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
null, null, com.azure.core.util.Context.NONE);
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.containerservice import ContainerServiceClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-containerservice
# USAGE
python managed_clusters_create_update_windows_gmsa.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = ContainerServiceClient(
credential=DefaultAzureCredential(),
subscription_id="00000000-0000-0000-0000-000000000000",
)
response = client.managed_clusters.begin_create_or_update(
resource_group_name="rg1",
resource_name="clustername1",
parameters={
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {}
},
},
"location": "location1",
"properties": {
"addonProfiles": {},
"agentPoolProfiles": [
{
"availabilityZones": ["1", "2", "3"],
"count": 3,
"enableNodePublicIP": True,
"mode": "System",
"name": "nodepool1",
"osType": "Linux",
"type": "VirtualMachineScaleSets",
"vmSize": "Standard_DS1_v2",
}
],
"autoScalerProfile": {"scale-down-delay-after-add": "15m", "scan-interval": "20s"},
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"dnsPrefix": "dnsprefix1",
"enablePodSecurityPolicy": True,
"enableRBAC": True,
"kubernetesVersion": "",
"linuxProfile": {"adminUsername": "azureuser", "ssh": {"publicKeys": [{"keyData": "keydata"}]}},
"networkProfile": {
"loadBalancerProfile": {"managedOutboundIPs": {"count": 2}},
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
},
"servicePrincipalProfile": {"clientId": "clientid", "secret": "secret"},
"windowsProfile": {
"adminPassword": "replacePassword1234$",
"adminUsername": "azureuser",
"gmsaProfile": {"enabled": True},
},
},
"sku": {"name": "Basic", "tier": "Free"},
"tags": {"archv2": "", "tier": "production"},
},
).result()
print(response)
# x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWindowsGmsa.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armcontainerservice_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v6"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/e838027e88cca634c1545e744630de9262a6e72a/specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWindowsGmsa.json
func ExampleManagedClustersClient_BeginCreateOrUpdate_createUpdateManagedClusterWithWindowsGMsaEnabled() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armcontainerservice.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewManagedClustersClient().BeginCreateOrUpdate(ctx, "rg1", "clustername1", armcontainerservice.ManagedCluster{
Location: to.Ptr("location1"),
Tags: map[string]*string{
"archv2": to.Ptr(""),
"tier": to.Ptr("production"),
},
Identity: &armcontainerservice.ManagedClusterIdentity{
Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {},
},
},
Properties: &armcontainerservice.ManagedClusterProperties{
AddonProfiles: map[string]*armcontainerservice.ManagedClusterAddonProfile{},
AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
{
Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
AvailabilityZones: []*string{
to.Ptr("1"),
to.Ptr("2"),
to.Ptr("3")},
Count: to.Ptr[int32](3),
EnableNodePublicIP: to.Ptr(true),
Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
OSType: to.Ptr(armcontainerservice.OSTypeLinux),
VMSize: to.Ptr("Standard_DS1_v2"),
Name: to.Ptr("nodepool1"),
}},
AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
ScaleDownDelayAfterAdd: to.Ptr("15m"),
ScanInterval: to.Ptr("20s"),
},
DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
DNSPrefix: to.Ptr("dnsprefix1"),
EnablePodSecurityPolicy: to.Ptr(true),
EnableRBAC: to.Ptr(true),
KubernetesVersion: to.Ptr(""),
LinuxProfile: &armcontainerservice.LinuxProfile{
AdminUsername: to.Ptr("azureuser"),
SSH: &armcontainerservice.SSHConfiguration{
PublicKeys: []*armcontainerservice.SSHPublicKey{
{
KeyData: to.Ptr("keydata"),
}},
},
},
NetworkProfile: &armcontainerservice.NetworkProfile{
LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
Count: to.Ptr[int32](2),
},
},
LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUStandard),
OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
},
ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
ClientID: to.Ptr("clientid"),
Secret: to.Ptr("secret"),
},
WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
AdminPassword: to.Ptr("replacePassword1234$"),
AdminUsername: to.Ptr("azureuser"),
GmsaProfile: &armcontainerservice.WindowsGmsaProfile{
Enabled: to.Ptr(true),
},
},
},
SKU: &armcontainerservice.ManagedClusterSKU{
Name: to.Ptr(armcontainerservice.ManagedClusterSKUName("Basic")),
Tier: to.Ptr(armcontainerservice.ManagedClusterSKUTierFree),
},
}, &armcontainerservice.ManagedClustersClientBeginCreateOrUpdateOptions{IfMatch: nil,
IfNoneMatch: nil,
})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.ManagedCluster = armcontainerservice.ManagedCluster{
// Name: to.Ptr("clustername1"),
// Type: to.Ptr("Microsoft.ContainerService/ManagedClusters"),
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1"),
// Location: to.Ptr("location1"),
// Tags: map[string]*string{
// "archv2": to.Ptr(""),
// "tier": to.Ptr("production"),
// },
// Identity: &armcontainerservice.ManagedClusterIdentity{
// Type: to.Ptr(armcontainerservice.ResourceIdentityTypeUserAssigned),
// UserAssignedIdentities: map[string]*armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": &armcontainerservice.ManagedServiceIdentityUserAssignedIdentitiesValue{
// ClientID: to.Ptr("clientId1"),
// PrincipalID: to.Ptr("principalId1"),
// },
// },
// },
// Properties: &armcontainerservice.ManagedClusterProperties{
// AgentPoolProfiles: []*armcontainerservice.ManagedClusterAgentPoolProfile{
// {
// Type: to.Ptr(armcontainerservice.AgentPoolTypeVirtualMachineScaleSets),
// AvailabilityZones: []*string{
// to.Ptr("1"),
// to.Ptr("2"),
// to.Ptr("3")},
// Count: to.Ptr[int32](3),
// CurrentOrchestratorVersion: to.Ptr("1.9.6"),
// EnableNodePublicIP: to.Ptr(true),
// MaxPods: to.Ptr[int32](110),
// Mode: to.Ptr(armcontainerservice.AgentPoolModeSystem),
// NodeImageVersion: to.Ptr("AKSUbuntu:1604:2020.03.11"),
// OrchestratorVersion: to.Ptr("1.9.6"),
// OSType: to.Ptr(armcontainerservice.OSTypeLinux),
// ProvisioningState: to.Ptr("Succeeded"),
// VMSize: to.Ptr("Standard_DS1_v2"),
// Name: to.Ptr("nodepool1"),
// }},
// AutoScalerProfile: &armcontainerservice.ManagedClusterPropertiesAutoScalerProfile{
// ScaleDownDelayAfterAdd: to.Ptr("15m"),
// ScanInterval: to.Ptr("20s"),
// },
// CurrentKubernetesVersion: to.Ptr("1.9.6"),
// DiskEncryptionSetID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des"),
// DNSPrefix: to.Ptr("dnsprefix1"),
// EnablePodSecurityPolicy: to.Ptr(true),
// EnableRBAC: to.Ptr(true),
// Fqdn: to.Ptr("dnsprefix1-abcd1234.hcp.eastus.azmk8s.io"),
// KubernetesVersion: to.Ptr("1.9.6"),
// LinuxProfile: &armcontainerservice.LinuxProfile{
// AdminUsername: to.Ptr("azureuser"),
// SSH: &armcontainerservice.SSHConfiguration{
// PublicKeys: []*armcontainerservice.SSHPublicKey{
// {
// KeyData: to.Ptr("keydata"),
// }},
// },
// },
// MaxAgentPools: to.Ptr[int32](1),
// NetworkProfile: &armcontainerservice.NetworkProfile{
// DNSServiceIP: to.Ptr("10.0.0.10"),
// IPFamilies: []*armcontainerservice.IPFamily{
// to.Ptr(armcontainerservice.IPFamilyIPv4)},
// LoadBalancerProfile: &armcontainerservice.ManagedClusterLoadBalancerProfile{
// AllocatedOutboundPorts: to.Ptr[int32](2000),
// EffectiveOutboundIPs: []*armcontainerservice.ResourceReference{
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"),
// },
// {
// ID: to.Ptr("/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"),
// }},
// IdleTimeoutInMinutes: to.Ptr[int32](10),
// ManagedOutboundIPs: &armcontainerservice.ManagedClusterLoadBalancerProfileManagedOutboundIPs{
// Count: to.Ptr[int32](2),
// },
// },
// LoadBalancerSKU: to.Ptr(armcontainerservice.LoadBalancerSKUBasic),
// NetworkPlugin: to.Ptr(armcontainerservice.NetworkPluginKubenet),
// OutboundType: to.Ptr(armcontainerservice.OutboundTypeLoadBalancer),
// PodCidr: to.Ptr("10.244.0.0/16"),
// PodCidrs: []*string{
// to.Ptr("10.244.0.0/16")},
// ServiceCidr: to.Ptr("10.0.0.0/16"),
// ServiceCidrs: []*string{
// to.Ptr("10.0.0.0/16")},
// },
// NodeResourceGroup: to.Ptr("MC_rg1_clustername1_location1"),
// ProvisioningState: to.Ptr("Succeeded"),
// ServicePrincipalProfile: &armcontainerservice.ManagedClusterServicePrincipalProfile{
// ClientID: to.Ptr("clientid"),
// },
// WindowsProfile: &armcontainerservice.ManagedClusterWindowsProfile{
// AdminUsername: to.Ptr("azureuser"),
// GmsaProfile: &armcontainerservice.WindowsGmsaProfile{
// Enabled: to.Ptr(true),
// },
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { ContainerServiceClient } = require("@azure/arm-containerservice");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a managed cluster.
*
* @summary Creates or updates a managed cluster.
* x-ms-original-file: specification/containerservice/resource-manager/Microsoft.ContainerService/aks/stable/2024-09-01/examples/ManagedClustersCreate_UpdateWindowsGmsa.json
*/
async function createOrUpdateManagedClusterWithWindowsGMsaEnabled() {
const subscriptionId =
process.env["CONTAINERSERVICE_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const resourceGroupName = process.env["CONTAINERSERVICE_RESOURCE_GROUP"] || "rg1";
const resourceName = "clustername1";
const parameters = {
addonProfiles: {},
agentPoolProfiles: [
{
name: "nodepool1",
type: "VirtualMachineScaleSets",
availabilityZones: ["1", "2", "3"],
count: 3,
enableNodePublicIP: true,
mode: "System",
osType: "Linux",
vmSize: "Standard_DS1_v2",
},
],
autoScalerProfile: { scaleDownDelayAfterAdd: "15m", scanInterval: "20s" },
diskEncryptionSetID:
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
dnsPrefix: "dnsprefix1",
enablePodSecurityPolicy: true,
enableRbac: true,
identity: {
type: "UserAssigned",
userAssignedIdentities: {
"/subscriptions/00000000000000000000000000000000/resourcegroups/rgName1/providers/MicrosoftManagedIdentity/userAssignedIdentities/identity1":
{},
},
},
kubernetesVersion: "",
linuxProfile: {
adminUsername: "azureuser",
ssh: { publicKeys: [{ keyData: "keydata" }] },
},
location: "location1",
networkProfile: {
loadBalancerProfile: { managedOutboundIPs: { count: 2 } },
loadBalancerSku: "standard",
outboundType: "loadBalancer",
},
servicePrincipalProfile: { clientId: "clientid", secret: "secret" },
sku: { name: "Basic", tier: "Free" },
tags: { archv2: "", tier: "production" },
windowsProfile: {
adminPassword: "replacePassword1234$",
adminUsername: "azureuser",
gmsaProfile: { enabled: true },
},
};
const credential = new DefaultAzureCredential();
const client = new ContainerServiceClient(credential, subscriptionId);
const result = await client.managedClusters.beginCreateOrUpdateAndWait(
resourceGroupName,
resourceName,
parameters,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Przykładowa odpowiedź
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Succeeded",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Succeeded",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System",
"nodeImageVersion": "AKSUbuntu:1604:2020.03.11"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser",
"gmsaProfile": {
"enabled": true
}
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"fqdn": "dnsprefix1-abcd1234.hcp.eastus.azmk8s.io",
"networkProfile": {
"loadBalancerSku": "basic",
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.ContainerService/managedClusters/clustername1",
"location": "location1",
"name": "clustername1",
"tags": {
"archv2": "",
"tier": "production"
},
"type": "Microsoft.ContainerService/ManagedClusters",
"properties": {
"provisioningState": "Creating",
"maxAgentPools": 1,
"kubernetesVersion": "1.9.6",
"currentKubernetesVersion": "1.9.6",
"dnsPrefix": "dnsprefix1",
"agentPoolProfiles": [
{
"name": "nodepool1",
"count": 3,
"vmSize": "Standard_DS1_v2",
"maxPods": 110,
"osType": "Linux",
"provisioningState": "Creating",
"orchestratorVersion": "1.9.6",
"currentOrchestratorVersion": "1.9.6",
"type": "VirtualMachineScaleSets",
"availabilityZones": [
"1",
"2",
"3"
],
"enableNodePublicIP": true,
"mode": "System"
}
],
"linuxProfile": {
"adminUsername": "azureuser",
"ssh": {
"publicKeys": [
{
"keyData": "keydata"
}
]
}
},
"windowsProfile": {
"adminUsername": "azureuser",
"gmsaProfile": {
"enabled": true
}
},
"servicePrincipalProfile": {
"clientId": "clientid"
},
"nodeResourceGroup": "MC_rg1_clustername1_location1",
"enableRBAC": true,
"diskEncryptionSetID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rg1/providers/Microsoft.Compute/diskEncryptionSets/des",
"enablePodSecurityPolicy": true,
"networkProfile": {
"networkPlugin": "kubenet",
"podCidr": "10.244.0.0/16",
"serviceCidr": "10.0.0.0/16",
"dnsServiceIP": "10.0.0.10",
"loadBalancerSku": "standard",
"outboundType": "loadBalancer",
"podCidrs": [
"10.244.0.0/16"
],
"serviceCidrs": [
"10.0.0.0/16"
],
"ipFamilies": [
"IPv4"
],
"loadBalancerProfile": {
"allocatedOutboundPorts": 2000,
"idleTimeoutInMinutes": 10,
"managedOutboundIPs": {
"count": 2
},
"effectiveOutboundIPs": [
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip1"
},
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/MC_rg1/providers/Microsoft.Network/publicIPAddresses/mgdoutboundip2"
}
]
}
},
"autoScalerProfile": {
"scan-interval": "20s",
"scale-down-delay-after-add": "15m"
}
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/rgName1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": {
"principalId": "principalId1",
"clientId": "clientId1"
}
}
}
}
Definicje
| Nazwa |
Opis |
|
AdvancedNetworking
|
Zaawansowany profil sieci umożliwiający obserwowanie i pakiet funkcji zabezpieczeń w klastrze. Aby uzyskać więcej informacji, zobacz aka.ms/aksadvancednetworking.
|
|
AdvancedNetworkingObservability
|
Profil obserwacji umożliwiający włączenie zaawansowanych metryk sieci i dzienników przepływu z kontekstami historycznymi.
|
|
AdvancedNetworkingSecurity
|
Profil zabezpieczeń umożliwiający włączenie funkcji zabezpieczeń w klastrze opartym na cilium.
|
|
AgentPoolMode
|
Tryb puli agentów.
|
|
AgentPoolNetworkProfile
|
Ustawienia sieciowe puli agentów.
|
|
AgentPoolSecurityProfile
|
Ustawienia zabezpieczeń puli agentów.
|
|
AgentPoolType
|
Typ puli agentów.
|
|
AgentPoolUpgradeSettings
|
Ustawienia uaktualniania puli agentów
|
|
AgentPoolWindowsProfile
|
Określony profil puli agentów systemu Windows.
|
|
AutoScalerProfile
|
Parametry, które mają być stosowane do skalowania automatycznego klastra po włączeniu
|
|
AzureKeyVaultKms
|
Ustawienia usługi zarządzania kluczami usługi Azure Key Vault dla profilu zabezpieczeń.
|
|
BackendPoolType
|
Typ zarządzanej puli zaplecza modułu równoważenia obciążenia dla ruchu przychodzącego.
|
|
CloudError
|
Odpowiedź na błąd z usługi Container Service.
|
|
CloudErrorBody
|
Odpowiedź na błąd z usługi Container Service.
|
|
ClusterUpgradeSettings
|
Ustawienia uaktualniania klastra.
|
|
code
|
Informuje, czy klaster jest uruchomiony, czy zatrzymany
|
|
ContainerServiceLinuxProfile
|
Profil maszyn wirtualnych z systemem Linux w klastrze usługi kontenera.
|
|
ContainerServiceNetworkProfile
|
Profil konfiguracji sieci.
|
|
ContainerServiceSshConfiguration
|
Konfiguracja protokołu SSH dla maszyn wirtualnych z systemem Linux uruchomionych na platformie Azure.
|
|
ContainerServiceSshPublicKey
|
Zawiera informacje o danych klucza publicznego certyfikatu SSH.
|
|
createdByType
|
Typ tożsamości, która utworzyła zasób.
|
|
CreationData
|
Dane używane podczas tworzenia zasobu docelowego na podstawie zasobu źródłowego.
|
|
DelegatedResource
|
Właściwości delegowanego zasobu — tylko do użytku wewnętrznego.
|
|
expander
|
Ekspander do użycia podczas skalowania w górę
|
|
ExtendedLocation
|
Typ złożony lokalizacji rozszerzonej.
|
|
ExtendedLocationTypes
|
Typ lokalizacji rozszerzonej.
|
|
GPUInstanceProfile
|
GpuInstanceProfile do użycia w celu określenia profilu wystąpienia migracji procesora GPU dla obsługiwanej jednostki SKU maszyny wirtualnej procesora GPU.
|
|
Identity
|
Tożsamość zasobu.
|
|
ipFamily
|
Rodziny adresów IP używane do określania wersji adresów IP dostępnych dla klastra.
|
|
IPTag
|
Zawiera element IPTag skojarzony z obiektem .
|
|
IstioCertificateAuthority
|
Konfiguracja urzędu certyfikacji usługi Istio Service Mesh. Na razie obsługujemy tylko certyfikaty wtyczek zgodnie z opisem w tym https://aka.ms/asm-plugin-ca
|
|
IstioComponents
|
Konfiguracja składników istio.
|
|
IstioEgressGateway
|
Konfiguracja bramy ruchu wychodzącego Istio.
|
|
IstioIngressGateway
|
Konfiguracja bramy ruchu przychodzącego istio. Na razie obsługujemy maksymalnie jedną zewnętrzną bramę ruchu przychodzącego o nazwie aks-istio-ingressgateway-external i jedną wewnętrzną bramę ruchu przychodzącego o nazwie aks-istio-ingressgateway-internal.
|
|
IstioIngressGatewayMode
|
Tryb bramy ruchu przychodzącego.
|
|
IstioPluginCertificateAuthority
|
Informacje o certyfikatach wtyczki dla usługi Service Mesh.
|
|
IstioServiceMesh
|
Konfiguracja siatki usługi Istio.
|
|
KeyVaultNetworkAccessTypes
|
Dostęp sieciowy do magazynu kluczy
|
|
KubeletConfig
|
Konfiguracje usługi Kubelet węzłów agenta.
|
|
KubeletDiskType
|
Określa umieszczanie woluminów emptyDir, katalogu głównego danych środowiska uruchomieniowego kontenera i magazynu efemerycznego Kubelet.
|
|
KubernetesSupportPlan
|
Różne warstwy pomocy technicznej dla klastrów zarządzanych usługi AKS
|
|
licenseType
|
Typ licencji do użycia dla maszyn wirtualnych z systemem Windows. Aby uzyskać więcej informacji, zobacz korzyści użycia hybrydowego platformy Azure.
|
|
LinuxOSConfig
|
Konfiguracje systemu operacyjnego węzłów agenta systemu Linux.
|
|
loadBalancerSku
|
Jednostka SKU modułu równoważenia obciążenia dla klastra zarządzanego.
|
|
ManagedCluster
|
Klaster zarządzany.
|
|
ManagedClusterAADProfile
|
AADProfile określa atrybuty integracji usługi Azure Active Directory.
|
|
ManagedClusterAddonProfile
|
Profil dodatku Kubernetes dla klastra zarządzanego.
|
|
ManagedClusterAgentPoolProfile
|
Profil puli agentów usługi kontenera.
|
|
ManagedClusterAPIServerAccessProfile
|
Profil dostępu dla serwera interfejsu API klastra zarządzanego.
|
|
ManagedClusterAutoUpgradeProfile
|
Profil automatycznego uaktualniania dla klastra zarządzanego.
|
|
ManagedClusterAzureMonitorProfile
|
Profile dodatków usługi Azure Monitor do monitorowania klastra zarządzanego.
|
|
ManagedClusterAzureMonitorProfileKubeStateMetrics
|
Profil metryk stanu platformy Kube dla dodatku Prometheus zarządzanego przez platformę Azure. Te opcjonalne ustawienia dotyczą zasobnika kube-state-metrics wdrożonego za pomocą dodatku. Aby uzyskać szczegółowe informacje, zobacz aka.ms/AzureManagedPrometheus-optional-parameters.
|
|
ManagedClusterAzureMonitorProfileMetrics
|
Profil metryk dla usługi zarządzanej Azure Monitor dla dodatku Prometheus. Zbierz gotowe metryki infrastruktury kubernetes, aby wysyłać je do obszaru roboczego usługi Azure Monitor i konfigurować dodatkowe złomowanie dla niestandardowych obiektów docelowych. Aby zapoznać się z omówieniem, zobacz aka.ms/AzureManagedPrometheus.
|
|
ManagedClusterCostAnalysis
|
Konfiguracja analizy kosztów klastra
|
|
ManagedClusterHTTPProxyConfig
|
Konfiguracja serwera proxy HTTP klastra.
|
|
ManagedClusterIdentity
|
Tożsamość klastra zarządzanego.
|
|
ManagedClusterIngressProfile
|
Profil ruchu przychodzącego dla klastra usługi kontenera.
|
|
ManagedClusterIngressProfileWebAppRouting
|
Ustawienia dodatku routingu aplikacji dla profilu ruchu przychodzącego.
|
|
ManagedClusterLoadBalancerProfile
|
Profil modułu równoważenia obciążenia klastra zarządzanego.
|
|
ManagedClusterManagedOutboundIPProfile
|
Profil zarządzanych zasobów wychodzących IP klastra zarządzanego.
|
|
ManagedClusterMetricsProfile
|
Profil metryk zarządzanychcluster.
|
|
ManagedClusterNATGatewayProfile
|
Profil bramy translatora adresów sieciowych klastra zarządzanego.
|
|
ManagedClusterNodeResourceGroupProfile
|
Profil blokady grupy zasobów węzła dla klastra zarządzanego.
|
|
ManagedClusterOIDCIssuerProfile
|
Profil wystawcy OIDC klastra zarządzanego.
|
|
ManagedClusterPodIdentity
|
Szczegółowe informacje o tożsamości zasobnika przypisanej do klastra zarządzanego.
|
|
ManagedClusterPodIdentityException
|
Wyjątek tożsamości zasobnika, który umożliwia zasobnikom z określonymi etykietami dostęp do punktu końcowego usługi Azure Instance Metadata Service (IMDS) bez przechwytywania przez serwer tożsamości zarządzanej węzła (NMI).
|
|
ManagedClusterPodIdentityProfile
|
Profil tożsamości zasobnika klastra zarządzanego.
|
|
ManagedClusterPodIdentityProvisioningError
|
Odpowiedź na błąd z aprowizacji tożsamości zasobnika.
|
|
ManagedClusterPodIdentityProvisioningErrorBody
|
Odpowiedź na błąd z aprowizacji tożsamości zasobnika.
|
|
ManagedClusterPodIdentityProvisioningState
|
Bieżący stan aprowizacji tożsamości zasobnika.
|
|
ManagedClusterSecurityProfile
|
Profil zabezpieczeń klastra usługi kontenera.
|
|
ManagedClusterSecurityProfileDefender
|
Ustawienia usługi Microsoft Defender dla profilu zabezpieczeń.
|
|
ManagedClusterSecurityProfileDefenderSecurityMonitoring
|
Ustawienia usługi Microsoft Defender dla wykrywania zagrożeń profilu zabezpieczeń.
|
|
ManagedClusterSecurityProfileImageCleaner
|
Narzędzie Image Cleaner usuwa nieużywane obrazy z węzłów, zwalniając miejsce na dysku i pomagając zmniejszyć obszar powierzchni podatnej na ataki. Poniżej przedstawiono ustawienia profilu zabezpieczeń.
|
|
ManagedClusterSecurityProfileWorkloadIdentity
|
Ustawienia tożsamości obciążenia dla profilu zabezpieczeń.
|
|
ManagedClusterServicePrincipalProfile
|
Informacje o tożsamości jednostki usługi dla klastra do użycia do manipulowania interfejsami API platformy Azure.
|
|
ManagedClusterSKU
|
Jednostka SKU klastra zarządzanego.
|
|
ManagedClusterSKUName
|
Nazwa jednostki SKU klastra zarządzanego.
|
|
ManagedClusterSKUTier
|
Warstwa jednostki SKU klastra zarządzanego.
|
|
ManagedClusterStorageProfile
|
Profil magazynu dla klastra usługi kontenera.
|
|
ManagedClusterStorageProfileBlobCSIDriver
|
Ustawienia sterownika CSI usługi AzureBlob dla profilu magazynu.
|
|
ManagedClusterStorageProfileDiskCSIDriver
|
Ustawienia sterownika AZUREDisk CSI dla profilu magazynu.
|
|
ManagedClusterStorageProfileFileCSIDriver
|
Ustawienia sterownika AZUREFile CSI dla profilu magazynu.
|
|
ManagedClusterStorageProfileSnapshotController
|
Ustawienia kontrolera migawek dla profilu magazynu.
|
|
ManagedClusterWindowsProfile
|
Profil maszyn wirtualnych z systemem Windows w klastrze zarządzanym.
|
|
ManagedClusterWorkloadAutoScalerProfile
|
Profil automatycznego skalowania obciążenia dla klastra zarządzanego.
|
|
ManagedClusterWorkloadAutoScalerProfileKeda
|
Ustawienia skalowania automatycznego opartego na zdarzeniach platformy KEDA (Kubernetes Event-driven Autoscaling) dla profilu automatycznego skalowania obciążenia.
|
|
ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler
|
Ustawienia narzędzia VPA (vertical Pod Autoscaler) dla profilu automatycznego skalowania obciążenia.
|
|
ManagedOutboundIPs
|
Żądane zarządzane adresy IP ruchu wychodzącego dla modułu równoważenia obciążenia klastra.
|
|
networkDataplane
|
Plan danych sieci używany w klastrze Kubernetes.
|
|
networkMode
|
Tryb sieciowy platformy Azure CNI jest skonfigurowany za pomocą polecenia .
|
|
NetworkPlugin
|
Wtyczka sieci używana do tworzenia sieci Kubernetes.
|
|
NetworkPluginMode
|
Tryb, który ma być używany przez wtyczkę sieci.
|
|
NetworkPolicy
|
Zasady sieci używane do tworzenia sieci Kubernetes.
|
|
nodeOSUpgradeChannel
|
Kanał uaktualniania systemu operacyjnego Node
|
|
OSDiskType
|
Typ dysku systemu operacyjnego, który ma być używany dla maszyn w puli agentów.
|
|
OSSKU
|
Określa jednostkę SKU systemu operacyjnego używaną przez pulę agentów. Wartość domyślna to Ubuntu, jeśli typ systemu operacyjnego to Linux. Wartość domyślna to Windows2019, gdy platforma Kubernetes <= 1.24 lub Windows2022, gdy platforma Kubernetes >= 1,25, jeśli typ systemu operacyjnego to Windows.
|
|
OSType
|
Typ systemu operacyjnego. Wartość domyślna to Linux.
|
|
OutboundIPPrefixes
|
Żądane zasoby prefiksu adresów IP dla modułu równoważenia obciążenia klastra.
|
|
OutboundIPs
|
Żądane zasoby adresów IP ruchu wychodzącego dla modułu równoważenia obciążenia klastra.
|
|
outboundType
|
Metoda routingu ruchu wychodzącego (wychodzącego).
|
|
PortRange
|
Zakres portów.
|
|
PowerState
|
Opisuje stan zasilania klastra
|
|
PrivateLinkResource
|
Zasób łącza prywatnego
|
|
Protocol
|
Protokół sieciowy portu.
|
|
ProvisioningInfo
|
|
|
PublicNetworkAccess
|
PublicNetworkAccess zarządzanegocluster
|
|
ResourceIdentityType
|
Typ tożsamości używany dla klastra zarządzanego.
|
|
ResourceReference
|
Odwołanie do zasobu platformy Azure.
|
|
RestrictionLevel
|
Poziom ograniczeń zastosowany do grupy zasobów węzła klastra. Jeśli nie zostanie określony, wartość domyślna to "Bez ograniczeń"
|
|
ScaleDownMode
|
Opisuje sposób dodawania lub usuwania maszyn wirtualnych z pul agentów. Zobacz stany rozliczeń.
|
|
ScaleSetEvictionPolicy
|
Zasady eksmisji zestawu skalowania maszyn wirtualnych.
|
|
ScaleSetPriority
|
Priorytet zestawu skalowania maszyn wirtualnych.
|
|
ServiceMeshMode
|
Tryb siatki usług.
|
|
ServiceMeshProfile
|
Profil usługi Service Mesh dla klastra zarządzanego.
|
|
SysctlConfig
|
Ustawienia sysctl dla węzłów agenta systemu Linux.
|
|
systemData
|
Metadane dotyczące tworzenia i ostatniej modyfikacji zasobu.
|
|
upgradeChannel
|
Kanał uaktualniania na potrzeby automatycznego uaktualniania. Wartość domyślna to "none".
|
|
UpgradeOverrideSettings
|
Ustawienia przesłonięć podczas uaktualniania klastra.
|
|
UserAssignedIdentities
|
Tożsamość użytkownika skojarzona z klastrem zarządzanym. Ta tożsamość będzie używana w płaszczyźnie sterowania. Dozwolona jest tylko jedna tożsamość przypisana przez użytkownika.
|
|
UserAssignedIdentity
|
Szczegółowe informacje o tożsamości przypisanej przez użytkownika.
|
|
WindowsGmsaProfile
|
Profil gMSA systemu Windows w klastrze zarządzanym.
|
|
WorkloadRuntime
|
Określa typ obciążenia, który może uruchomić węzeł.
|
AdvancedNetworking
Zaawansowany profil sieci umożliwiający obserwowanie i pakiet funkcji zabezpieczeń w klastrze. Aby uzyskać więcej informacji, zobacz aka.ms/aksadvancednetworking.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Wskazuje włączenie zaawansowanych funkcji sieciowych dotyczących możliwości obserwowania i zabezpieczeń w klastrach usługi AKS. Po ustawieniu wartości true wszystkie funkcje obserwowania i zabezpieczeń zostaną ustawione na włączone, chyba że jawnie wyłączone. Jeśli nie zostanie określony, wartość domyślna to false.
|
|
observability
|
AdvancedNetworkingObservability
|
Profil obserwacji umożliwiający włączenie zaawansowanych metryk sieci i dzienników przepływu z kontekstami historycznymi.
|
|
security
|
AdvancedNetworkingSecurity
|
Profil zabezpieczeń umożliwiający włączenie funkcji zabezpieczeń w klastrze opartym na cilium.
|
AdvancedNetworkingObservability
Profil obserwacji umożliwiający włączenie zaawansowanych metryk sieci i dzienników przepływu z kontekstami historycznymi.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Wskazuje włączenie funkcji obserwacji zaawansowanej sieci w klastrach.
|
AdvancedNetworkingSecurity
Profil zabezpieczeń umożliwiający włączenie funkcji zabezpieczeń w klastrze opartym na cilium.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Ta funkcja umożliwia użytkownikowi konfigurowanie zasad sieciowych na podstawie nazw DNS (FQDN). Można ją włączyć tylko w klastrach opartych na cilium. Jeśli nie zostanie określony, wartość domyślna to false.
|
AgentPoolMode
Tryb puli agentów.
| Nazwa |
Typ |
Opis |
|
System
|
string
|
Pule agentów systemowych są przeznaczone głównie do hostowania krytycznych zasobników systemu, takich jak CoreDNS i metrics-server. Systemowe pule agentów osType muszą mieć wartość Linux. Jednostka SKU maszyny wirtualnej pul agentów systemowych musi mieć co najmniej 2 procesory wirtualne i 4 GB pamięci.
|
|
User
|
string
|
Pule agentów użytkowników są przeznaczone głównie do hostowania zasobników aplikacji.
|
AgentPoolNetworkProfile
Ustawienia sieciowe puli agentów.
| Nazwa |
Typ |
Opis |
|
allowedHostPorts
|
PortRange[]
|
Zakresy portów, do których można uzyskać dostęp. Określone zakresy mogą się nakładać.
|
|
applicationSecurityGroups
|
string[]
|
Identyfikatory grup zabezpieczeń aplikacji, które pula agentów zostanie skojarzona podczas tworzenia.
|
|
nodePublicIPTags
|
IPTag[]
|
IpTags publicznych adresów IP na poziomie wystąpienia.
|
AgentPoolSecurityProfile
Ustawienia zabezpieczeń puli agentów.
| Nazwa |
Typ |
Opis |
|
enableSecureBoot
|
boolean
|
Bezpieczny rozruch to funkcja zaufanego uruchamiania, która zapewnia możliwość rozruchu tylko podpisanych systemów operacyjnych i sterowników. Aby uzyskać więcej informacji, zobacz aka.ms/aks/trustedlaunch. Jeśli nie zostanie określony, wartość domyślna to false.
|
|
enableVTPM
|
boolean
|
VTPM to funkcja zaufanego uruchamiania do konfigurowania dedykowanego bezpiecznego magazynu dla kluczy i pomiarów przechowywanych lokalnie w węźle. Aby uzyskać więcej informacji, zobacz aka.ms/aks/trustedlaunch. Jeśli nie zostanie określony, wartość domyślna to false.
|
AgentPoolType
Typ puli agentów.
| Nazwa |
Typ |
Opis |
|
AvailabilitySet
|
string
|
Korzystanie z tego rozwiązania jest zdecydowanie odradzane.
|
|
VirtualMachineScaleSets
|
string
|
Utwórz pulę agentów wspieraną przez zestaw skalowania maszyn wirtualnych.
|
AgentPoolUpgradeSettings
Ustawienia uaktualniania puli agentów
| Nazwa |
Typ |
Opis |
|
drainTimeoutInMinutes
|
integer
|
Limit czasu opróżniania węzła
Czas oczekiwania (w minutach) na eksmisję zasobników i łagodne zakończenie na węzeł. Ten czas oczekiwania eksmisji honoruje oczekiwanie na budżety zakłóceń zasobników. Jeśli ten czas zostanie przekroczony, uaktualnienie zakończy się niepowodzeniem. Jeśli nie zostanie określony, wartość domyślna to 30 minut.
|
|
maxSurge
|
string
|
Maksymalna liczba lub procent węzłów, które są przesiąknięci podczas uaktualniania.
Można to ustawić na liczbę całkowitą (np. "5") lub wartość procentową (np. "50%"). Jeśli określono wartość procentową, jest to procent całkowitego rozmiaru puli agentów w momencie uaktualnienia. W przypadku wartości procentowych węzły ułamkowe są zaokrąglane w górę. Jeśli nie zostanie określony, wartość domyślna to 1. Aby uzyskać więcej informacji, w tym najlepsze rozwiązania, zobacz: https://docs.microsoft.com/azure/aks/upgrade-cluster#customize-node-surge-upgrade
|
|
nodeSoakDurationInMinutes
|
integer
|
Czas trwania moczenia węzła
Czas oczekiwania (w minutach) po opróżnieniu węzła i przed ponownym utworzeniem i przejściem do następnego węzła. Jeśli nie zostanie określony, wartość domyślna to 0 minut.
|
AgentPoolWindowsProfile
Określony profil puli agentów systemu Windows.
| Nazwa |
Typ |
Opis |
|
disableOutboundNat
|
boolean
|
Czy wyłączyć funkcję OutboundNAT w węzłach systemu Windows
Wartość domyślna to false. Translator adresów sieciowych dla ruchu wychodzącego można wyłączyć tylko wtedy, gdy klaster outboundType jest bramą translatora adresów sieciowych, a pula agentów systemu Windows nie ma włączonego publicznego adresu IP węzła.
|
AutoScalerProfile
Parametry, które mają być stosowane do skalowania automatycznego klastra po włączeniu
| Nazwa |
Typ |
Opis |
|
balance-similar-node-groups
|
string
|
Wykrywa podobne pule węzłów i równoważy liczbę węzłów między nimi.
Prawidłowe wartości to "true" i "false"
|
|
daemonset-eviction-for-empty-nodes
|
boolean
|
Zasobniki daemonSet będą bezpiecznie przerywane z pustych węzłów
Jeśli ustawiono wartość true, wszystkie zasobniki demonaset w pustych węzłach zostaną wykluczone przed usunięciem węzła. Jeśli zasobnik demona nie może zostać wykluczony z innego węzła, zostanie wybrany do skalowania. Jeśli zostanie ustawiona wartość false, węzeł zostanie usunięty bez upewnienia się, że zasobniki demona są usuwane lub eksmitowane.
|
|
daemonset-eviction-for-occupied-nodes
|
boolean
|
Zasobniki daemonSet będą bezpiecznie przerywane z węzłów niepustych
Jeśli ustawiono wartość true, wszystkie zasobniki demonaset na zajętych węzłach zostaną wykluczone przed usunięciem węzła. Jeśli zasobnik demona nie może zostać wykluczony z innego węzła, zostanie wybrany do skalowania. Jeśli zostanie ustawiona wartość false, węzeł zostanie usunięty bez upewnienia się, że zasobniki demona są usuwane lub eksmitowane.
|
|
expander
|
expander
|
Ekspander do użycia podczas skalowania w górę
Jeśli nie zostanie określony, wartość domyślna to "losowe". Aby uzyskać więcej informacji, zobacz rozszerzenia.
|
|
ignore-daemonsets-utilization
|
boolean
|
Jeśli urząd certyfikacji ignoruje zasobniki DaemonSet podczas obliczania wykorzystania zasobów na potrzeby skalowania w dół
W przypadku ustawienia wartości true zasoby używane przez demona zostaną uwzględnione podczas podejmowania decyzji dotyczących skalowania w dół.
|
|
max-empty-bulk-delete
|
string
|
Maksymalna liczba pustych węzłów, które można usunąć w tym samym czasie. Musi to być dodatnia liczba całkowita.
Wartość domyślna to 10.
|
|
max-graceful-termination-sec
|
string
|
Maksymalna liczba sekund, przez które narzędzie do automatycznego skalowania klastra oczekuje na zakończenie działania zasobnika podczas próby skalowania węzła w dół.
Wartość domyślna to 600.
|
|
max-node-provision-time
|
string
|
Maksymalny czas oczekiwania autoskalatora na aprowizowanie węzła.
Wartość domyślna to "15m". Wartości muszą być liczbą całkowitą, po której następuje 'm'. Nie jest obsługiwana żadna jednostka czasu innego niż minuty (m).
|
|
max-total-unready-percentage
|
string
|
Maksymalny procent nieprzeczytanych węzłów w klastrze. Po przekroczeniu tej wartości procentowej funkcja automatycznego skalowania klastra zatrzymuje operacje.
Wartość domyślna to 45. Wartość maksymalna to 100, a wartość minimalna to 0.
|
|
new-pod-scale-up-delay
|
string
|
Ignoruj niezaplanowane zasobniki, zanim będą w pewnym wieku.
W przypadku scenariuszy, takich jak skalowanie wsadowe/ wsadowe, w których nie chcesz, aby urząd certyfikacji działał przed zaplanowaniem harmonogramu kubernetes, można poinformować urząd certyfikacji, aby ignorował nieplanowane zasobniki przed upływem określonego wieku. Wartość domyślna to "0s". Wartości muszą być liczbą całkowitą, po której następuje jednostka (w sekundach, "m" przez minuty, "h" przez godziny itp.).
|
|
ok-total-unready-count
|
string
|
Liczba dozwolonych nieprzeczytanych węzłów niezależnie od maksymalnej liczby nieprzeczytanych wartości procentowych.
Musi to być liczba całkowita. Wartość domyślna to 3.
|
|
scale-down-delay-after-add
|
string
|
Jak długo po wznowieniu skalowania w górę w celu wznowienia oceny skalowania w dół
Wartość domyślna to "10m". Wartości muszą być liczbą całkowitą, po której następuje 'm'. Nie jest obsługiwana żadna jednostka czasu innego niż minuty (m).
|
|
scale-down-delay-after-delete
|
string
|
Jak długo po usunięciu węzła, które są wznawiane skalowanie w dół oceny.
Wartość domyślna to interwał skanowania. Wartości muszą być liczbą całkowitą, po której następuje 'm'. Nie jest obsługiwana żadna jednostka czasu innego niż minuty (m).
|
|
scale-down-delay-after-failure
|
string
|
Jak długo po awarii skalowania w dół wznawiana jest ocena skalowania w dół.
Wartość domyślna to "3m". Wartości muszą być liczbą całkowitą, po której następuje 'm'. Nie jest obsługiwana żadna jednostka czasu innego niż minuty (m).
|
|
scale-down-unneeded-time
|
string
|
Jak długo węzeł powinien być niepotrzebny, zanim kwalifikuje się do skalowania w dół.
Wartość domyślna to "10m". Wartości muszą być liczbą całkowitą, po której następuje 'm'. Nie jest obsługiwana żadna jednostka czasu innego niż minuty (m).
|
|
scale-down-unready-time
|
string
|
Jak długo nieczytelny węzeł powinien być niepotrzebny, zanim kwalifikuje się do skalowania w dół
Wartość domyślna to "20m". Wartości muszą być liczbą całkowitą, po której następuje 'm'. Nie jest obsługiwana żadna jednostka czasu innego niż minuty (m).
|
|
scale-down-utilization-threshold
|
string
|
Poziom wykorzystania węzła zdefiniowany jako suma żądanych zasobów podzielonych przez pojemność, poniżej którego węzeł można rozważyć pod kątem skalowania w dół.
Wartość domyślna to "0,5".
|
|
scan-interval
|
string
|
Częstotliwość ponownego oceny klastra w celu skalowania w górę lub w dół.
Wartość domyślna to "10". Wartości muszą być liczbą całkowitą sekund.
|
|
skip-nodes-with-local-storage
|
string
|
Jeśli narzędzie do automatycznego skalowania klastra pominie usuwanie węzłów z zasobnikami z magazynem lokalnym, na przykład EmptyDir lub HostPath.
Wartość domyślna to true.
|
|
skip-nodes-with-system-pods
|
string
|
Jeśli narzędzie do automatycznego skalowania klastra pominie usuwanie węzłów z zasobników z rozwiązania kube-system (z wyjątkiem zestawu DaemonSet lub zasobników dublowania)
Wartość domyślna to true.
|
AzureKeyVaultKms
Ustawienia usługi zarządzania kluczami usługi Azure Key Vault dla profilu zabezpieczeń.
| Nazwa |
Typ |
Domyślna wartość |
Opis |
|
enabled
|
boolean
|
|
Czy włączyć usługę zarządzania kluczami usługi Azure Key Vault. Wartość domyślna to false.
|
|
keyId
|
string
|
|
Identyfikator klucza usługi Azure Key Vault. Aby uzyskać więcej informacji, zobacz format identyfikatora klucza. Po włączeniu usługi zarządzania kluczami usługi Azure Key Vault to pole jest wymagane i musi być prawidłowym identyfikatorem klucza. Gdy usługa zarządzania kluczami usługi Azure Key Vault jest wyłączona, pozostaw pole puste.
|
|
keyVaultNetworkAccess
|
KeyVaultNetworkAccessTypes
|
Public
|
Dostęp sieciowy do magazynu kluczy
Dostęp sieciowy do magazynu kluczy. Możliwe wartości to Public i Private.
Public oznacza, że magazyn kluczy zezwala na dostęp publiczny ze wszystkich sieci.
Private oznacza, że magazyn kluczy wyłącza dostęp publiczny i włącza link prywatny. Wartość domyślna to Public.
|
|
keyVaultResourceId
|
string
|
|
Identyfikator zasobu magazynu kluczy. Jeśli funkcja keyVaultNetworkAccess jest Private, to pole jest wymagane i musi być prawidłowym identyfikatorem zasobu. Gdy parametr keyVaultNetworkAccess jest Public, pozostaw pole puste.
|
BackendPoolType
Typ zarządzanej puli zaplecza modułu równoważenia obciążenia dla ruchu przychodzącego.
CloudError
Odpowiedź na błąd z usługi Container Service.
CloudErrorBody
Odpowiedź na błąd z usługi Container Service.
| Nazwa |
Typ |
Opis |
|
code
|
string
|
Identyfikator błędu. Kody są niezmienne i mają być używane programowo.
|
|
details
|
CloudErrorBody[]
|
Lista dodatkowych szczegółów dotyczących błędu.
|
|
message
|
string
|
Komunikat opisujący błąd, który ma być odpowiedni do wyświetlania w interfejsie użytkownika.
|
|
target
|
string
|
Element docelowy określonego błędu. Na przykład nazwa właściwości w błędzie.
|
ClusterUpgradeSettings
Ustawienia uaktualniania klastra.
code
Informuje, czy klaster jest uruchomiony, czy zatrzymany
| Nazwa |
Typ |
Opis |
|
Running
|
string
|
Klaster jest uruchomiony.
|
|
Stopped
|
string
|
Klaster jest zatrzymany.
|
ContainerServiceLinuxProfile
Profil maszyn wirtualnych z systemem Linux w klastrze usługi kontenera.
| Nazwa |
Typ |
Opis |
|
adminUsername
|
string
|
Nazwa użytkownika administratora używana dla maszyn wirtualnych z systemem Linux.
|
|
ssh
|
ContainerServiceSshConfiguration
|
Konfiguracja SSH dla maszyn wirtualnych z systemem Linux uruchomionych na platformie Azure.
|
ContainerServiceNetworkProfile
Profil konfiguracji sieci.
| Nazwa |
Typ |
Domyślna wartość |
Opis |
|
advancedNetworking
|
AdvancedNetworking
|
|
Zaawansowany profil sieci umożliwiający obserwowanie i pakiet funkcji zabezpieczeń w klastrze. Aby uzyskać więcej informacji, zobacz aka.ms/aksadvancednetworking.
|
|
dnsServiceIP
|
string
|
10.0.0.10
|
Adres IP przypisany do usługi DNS Kubernetes. Musi znajdować się w zakresie adresów usługi Kubernetes określonym w usłudze ServiceCidr.
|
|
ipFamilies
|
ipFamily[]
|
|
Rodziny adresów IP używane do określania wersji adresów IP dostępnych dla klastra.
Rodziny adresów IP służą do określania klastrów z jednym stosem lub dwoma stosami. W przypadku pojedynczego stosu oczekiwana wartość to IPv4. W przypadku dwóch stosów oczekiwane wartości to IPv4 i IPv6.
|
|
loadBalancerProfile
|
ManagedClusterLoadBalancerProfile
|
|
Profil modułu równoważenia obciążenia klastra.
|
|
loadBalancerSku
|
loadBalancerSku
|
|
Jednostka SKU modułu równoważenia obciążenia dla klastra zarządzanego.
Wartość domyślna to "Standardowa". Aby uzyskać więcej informacji na temat różnic między jednostkami SKU modułu równoważenia obciążenia, zobacz jednostek SKU usługi Azure Load Balancer.
|
|
natGatewayProfile
|
ManagedClusterNATGatewayProfile
|
|
Profil bramy translatora adresów sieciowych klastra.
|
|
networkDataplane
|
networkDataplane
|
|
Plan danych sieci używany w klastrze Kubernetes.
|
|
networkMode
|
networkMode
|
|
Tryb sieciowy platformy Azure CNI jest skonfigurowany za pomocą polecenia .
Nie można tego określić, jeśli parametr networkPlugin jest inny niż "azure".
|
|
networkPlugin
|
NetworkPlugin
|
|
Wtyczka sieci używana do tworzenia sieci Kubernetes.
|
|
networkPluginMode
|
NetworkPluginMode
|
|
Tryb, który ma być używany przez wtyczkę sieci.
|
|
networkPolicy
|
NetworkPolicy
|
|
Zasady sieci używane do tworzenia sieci Kubernetes.
|
|
outboundType
|
outboundType
|
loadBalancer
|
Metoda routingu ruchu wychodzącego (wychodzącego).
Można to ustawić tylko w czasie tworzenia klastra i nie można go zmienić później. Aby uzyskać więcej informacji, zobacz typ ruchu wychodzącego wychodzącego.
|
|
podCidr
|
string
|
10.244.0.0/16
|
Zakres adresów IP notacji CIDR, z którego można przypisać adresy IP zasobników podczas użycia rozwiązania kubenet.
|
|
podCidrs
|
string[]
|
|
Adres IP notacji CIDR zawiera zakresy adresów IP, z których mają zostać przypisane adresy IP zasobników.
Oczekiwano jednej trasy CIDR protokołu IPv4 dla sieci z jednym stosem. Dla każdej rodziny adresów IP (IPv4/IPv6) są oczekiwane dwa elementy CIDRs, po jednej dla sieci z podwójnym stosem.
|
|
serviceCidr
|
string
|
10.0.0.0/16
|
Zakres adresów IP notacji CIDR, z którego chcesz przypisać adresy IP klastra usług. Nie może pokrywać się z żadnymi zakresami adresów IP podsieci.
|
|
serviceCidrs
|
string[]
|
|
Adres IP notacji CIDR zawiera zakresy adresów IP, z których należy przypisać adresy IP klastra usług.
Oczekiwano jednej trasy CIDR protokołu IPv4 dla sieci z jednym stosem. Dla każdej rodziny adresów IP (IPv4/IPv6) są oczekiwane dwa elementy CIDRs, po jednej dla sieci z podwójnym stosem. Nie mogą nakładać się na żadne zakresy adresów IP podsieci.
|
ContainerServiceSshConfiguration
Konfiguracja protokołu SSH dla maszyn wirtualnych z systemem Linux uruchomionych na platformie Azure.
| Nazwa |
Typ |
Opis |
|
publicKeys
|
ContainerServiceSshPublicKey[]
|
Lista kluczy publicznych SSH używanych do uwierzytelniania za pomocą maszyn wirtualnych opartych na systemie Linux. Można określić maksymalnie 1 klucz.
|
ContainerServiceSshPublicKey
Zawiera informacje o danych klucza publicznego certyfikatu SSH.
| Nazwa |
Typ |
Opis |
|
keyData
|
string
|
Klucz publiczny certyfikatu używany do uwierzytelniania za pomocą maszyn wirtualnych za pośrednictwem protokołu SSH. Certyfikat musi być w formacie PEM z nagłówkami lub bez.
|
createdByType
Typ tożsamości, która utworzyła zasób.
| Nazwa |
Typ |
Opis |
|
Application
|
string
|
|
|
Key
|
string
|
|
|
ManagedIdentity
|
string
|
|
|
User
|
string
|
|
CreationData
Dane używane podczas tworzenia zasobu docelowego na podstawie zasobu źródłowego.
| Nazwa |
Typ |
Opis |
|
sourceResourceId
|
string
|
Jest to identyfikator ARM obiektu źródłowego, który ma zostać użyty do utworzenia obiektu docelowego.
|
DelegatedResource
Właściwości delegowanego zasobu — tylko do użytku wewnętrznego.
| Nazwa |
Typ |
Opis |
|
location
|
string
|
Lokalizacja zasobu źródłowego — tylko do użytku wewnętrznego.
|
|
referralResource
|
string
|
Identyfikator delegowania delegowania odwołania (opcjonalnie) — tylko użycie wewnętrzne.
|
|
resourceId
|
string
|
Identyfikator zasobu usługi ARM delegowanego zasobu — tylko do użytku wewnętrznego.
|
|
tenantId
|
string
|
Identyfikator dzierżawy delegowanego zasobu — tylko do użytku wewnętrznego.
|
expander
Ekspander do użycia podczas skalowania w górę
| Nazwa |
Typ |
Opis |
|
least-waste
|
string
|
Wybiera grupę węzłów, która będzie mieć najmniej bezczynny procesor CPU (jeśli jest powiązany, nieużywany pamięć) po skalowaniu w górę. Jest to przydatne, gdy masz różne klasy węzłów, na przykład wysokie użycie procesora CPU lub wysokie węzły pamięci i chcesz rozszerzyć je tylko wtedy, gdy są oczekujące zasobniki, które wymagają dużej ilości tych zasobów.
|
|
most-pods
|
string
|
Wybiera grupę węzłów, która będzie mogła zaplanować większość zasobników podczas skalowania w górę. Jest to przydatne, gdy używasz narzędzia nodeSelector, aby upewnić się, że niektóre zasobniki znajdują się w niektórych węzłach. Należy pamiętać, że nie spowoduje to wybrania większego węzła w porównaniu z mniejszymi węzłami, ponieważ może jednocześnie dodać wiele mniejszych węzłów.
|
|
priority
|
string
|
Wybiera grupę węzłów, która ma najwyższy priorytet przypisany przez użytkownika. Konfiguracja została opisana w więcej szczegółów tutaj.
|
|
random
|
string
|
Używane, gdy nie ma konkretnej potrzeby, aby grupy węzłów były skalowane inaczej.
|
ExtendedLocation
Typ złożony lokalizacji rozszerzonej.
| Nazwa |
Typ |
Opis |
|
name
|
string
|
Nazwa lokalizacji rozszerzonej.
|
|
type
|
ExtendedLocationTypes
|
Typ lokalizacji rozszerzonej.
|
ExtendedLocationTypes
Typ lokalizacji rozszerzonej.
| Nazwa |
Typ |
Opis |
|
EdgeZone
|
string
|
|
GPUInstanceProfile
GpuInstanceProfile do użycia w celu określenia profilu wystąpienia migracji procesora GPU dla obsługiwanej jednostki SKU maszyny wirtualnej procesora GPU.
| Nazwa |
Typ |
Opis |
|
MIG1g
|
string
|
|
|
MIG2g
|
string
|
|
|
MIG3g
|
string
|
|
|
MIG4g
|
string
|
|
|
MIG7g
|
string
|
|
Identity
Tożsamość zasobu.
| Nazwa |
Typ |
Opis |
|
principalId
|
string
|
Identyfikator podmiotu zabezpieczeń tożsamości zasobu. Wartość musi być identyfikatorem UUID.
|
|
tenantId
|
string
|
Identyfikator dzierżawy zasobu. Wartość musi być identyfikatorem UUID.
|
|
type
|
ResourceIdentityType
|
Typ tożsamości.
|
ipFamily
Rodziny adresów IP używane do określania wersji adresów IP dostępnych dla klastra.
| Nazwa |
Typ |
Opis |
|
IPv4
|
string
|
|
|
IPv6
|
string
|
|
IPTag
Zawiera element IPTag skojarzony z obiektem .
| Nazwa |
Typ |
Opis |
|
ipTagType
|
string
|
Typ tagu IP. Przykład: RoutingPreference.
|
|
tag
|
string
|
Wartość tagu IP skojarzonego z publicznym adresem IP. Przykład: Internet.
|
IstioCertificateAuthority
Konfiguracja urzędu certyfikacji usługi Istio Service Mesh. Na razie obsługujemy tylko certyfikaty wtyczek zgodnie z opisem w tym https://aka.ms/asm-plugin-ca
IstioComponents
Konfiguracja składników istio.
IstioEgressGateway
Konfiguracja bramy ruchu wychodzącego Istio.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy włączyć bramę ruchu wychodzącego.
|
IstioIngressGateway
Konfiguracja bramy ruchu przychodzącego istio. Na razie obsługujemy maksymalnie jedną zewnętrzną bramę ruchu przychodzącego o nazwie aks-istio-ingressgateway-external i jedną wewnętrzną bramę ruchu przychodzącego o nazwie aks-istio-ingressgateway-internal.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy włączyć bramę ruchu przychodzącego.
|
|
mode
|
IstioIngressGatewayMode
|
Tryb bramy ruchu przychodzącego.
|
IstioIngressGatewayMode
Tryb bramy ruchu przychodzącego.
| Nazwa |
Typ |
Opis |
|
External
|
string
|
Brama ruchu przychodzącego ma przypisany publiczny adres IP i jest publicznie dostępna.
|
|
Internal
|
string
|
Brama ruchu przychodzącego jest przypisywana do wewnętrznego adresu IP i nie można uzyskać do niego dostępu publicznie.
|
IstioPluginCertificateAuthority
Informacje o certyfikatach wtyczki dla usługi Service Mesh.
| Nazwa |
Typ |
Opis |
|
certChainObjectName
|
string
|
Nazwa obiektu łańcucha certyfikatów w usłudze Azure Key Vault.
|
|
certObjectName
|
string
|
Nazwa obiektu certyfikatu pośredniego w usłudze Azure Key Vault.
|
|
keyObjectName
|
string
|
Nazwa obiektu klucza prywatnego certyfikatu pośredniego w usłudze Azure Key Vault.
|
|
keyVaultId
|
string
|
Identyfikator zasobu usługi Key Vault.
|
|
rootCertObjectName
|
string
|
Nazwa obiektu certyfikatu głównego w usłudze Azure Key Vault.
|
IstioServiceMesh
Konfiguracja siatki usługi Istio.
KeyVaultNetworkAccessTypes
Dostęp sieciowy do magazynu kluczy
| Nazwa |
Typ |
Opis |
|
Private
|
string
|
|
|
Public
|
string
|
|
KubeletConfig
Konfiguracje usługi Kubelet węzłów agenta.
| Nazwa |
Typ |
Opis |
|
allowedUnsafeSysctls
|
string[]
|
Dozwolona lista niebezpiecznych wzorców sysctl lub niebezpiecznych wzorców sysctl (kończących się na *).
|
|
containerLogMaxFiles
|
integer
|
Maksymalna liczba plików dziennika kontenera, które mogą być obecne dla kontenera. Liczba musi być ≥ 2.
|
|
containerLogMaxSizeMB
|
integer
|
Maksymalny rozmiar (np. 10Mi) pliku dziennika kontenera przed jego obróceniu.
|
|
cpuCfsQuota
|
boolean
|
Jeśli wymuszanie limitów przydziału procesora CPU CFS jest włączone dla kontenerów, które określają limity procesora CPU.
Wartość domyślna to true.
|
|
cpuCfsQuotaPeriod
|
string
|
Wartość okresu limitu przydziału procesora CPU CFS.
Wartość domyślna to "100 ms". Prawidłowe wartości to sekwencja liczb dziesiętnych z opcjonalnym ułamkiem i sufiksem jednostki. Na przykład: "300 ms", "2h45m". Obsługiwane jednostki to "ns", "us", "ms", "s", "m" i "h".
|
|
cpuManagerPolicy
|
string
|
Zasady menedżera procesora CPU do użycia.
Wartość domyślna to "none". Aby uzyskać więcej informacji, zobacz zasady zarządzania procesorem Kubernetes. Dozwolone wartości to "none" i "static".
|
|
failSwapOn
|
boolean
|
Jeśli ustawiono wartość true, uruchomienie polecenia Kubelet zakończy się niepowodzeniem, jeśli zamiana jest włączona w węźle.
|
|
imageGcHighThreshold
|
integer
|
Procent użycia dysku, po którym odzyskiwanie pamięci obrazu jest zawsze uruchamiane.
Aby wyłączyć odzyskiwanie pamięci obrazu, ustaw wartość 100. Wartość domyślna to 85%
|
|
imageGcLowThreshold
|
integer
|
Procent użycia dysku, przed którym odzyskiwanie pamięci obrazu nigdy nie jest uruchamiane.
Nie można ustawić tej wartości wyższej niż imageGcHighThreshold. Wartość domyślna to 80%
|
|
podMaxPids
|
integer
|
Maksymalna liczba procesów na zasobnik.
|
|
topologyManagerPolicy
|
string
|
Zasady Menedżera topologii do użycia.
Aby uzyskać więcej informacji, zobacz Menedżer topologii platformy Kubernetes. Wartość domyślna to "none". Dozwolone wartości to "none", "best-effort", "restricted" i "single-numa-node".
|
KubeletDiskType
Określa umieszczanie woluminów emptyDir, katalogu głównego danych środowiska uruchomieniowego kontenera i magazynu efemerycznego Kubelet.
| Nazwa |
Typ |
Opis |
|
OS
|
string
|
Platforma Kubelet będzie używać dysku systemu operacyjnego dla swoich danych.
|
|
Temporary
|
string
|
Platforma Kubelet będzie używać dysku tymczasowego dla swoich danych.
|
KubernetesSupportPlan
Różne warstwy pomocy technicznej dla klastrów zarządzanych usługi AKS
| Nazwa |
Typ |
Opis |
|
AKSLongTermSupport
|
string
|
Obsługa wersji rozszerzonej w przeszłości wsparcia platformy KubernetesOfficial przez 1 rok. Usługa AKS nadal poprawia CVEs przez kolejny 1 rok, przez łącznie 2 lata wsparcia.
|
|
KubernetesOfficial
|
string
|
Obsługa wersji jest taka sama jak w przypadku oferty kubernetes typu open source. Oficjalne wersje pomocy technicznej społeczności open source platformy Kubernetes przez 1 rok po wydaniu.
|
licenseType
Typ licencji do użycia dla maszyn wirtualnych z systemem Windows. Aby uzyskać więcej informacji, zobacz korzyści użycia hybrydowego platformy Azure.
| Nazwa |
Typ |
Opis |
|
None
|
string
|
Nie zastosowano żadnych dodatkowych licencji.
|
|
Windows_Server
|
string
|
Umożliwia korzystanie z korzyści użycia hybrydowego użytkownika platformy Azure dla maszyn wirtualnych z systemem Windows.
|
LinuxOSConfig
Konfiguracje systemu operacyjnego węzłów agenta systemu Linux.
| Nazwa |
Typ |
Opis |
|
swapFileSizeMB
|
integer
|
Rozmiar w MB pliku wymiany, który zostanie utworzony w każdym węźle.
|
|
sysctls
|
SysctlConfig
|
Ustawienia sysctl dla węzłów agenta systemu Linux.
|
|
transparentHugePageDefrag
|
string
|
Czy jądro powinno zwiększyć wykorzystanie kompaktowania pamięci w celu udostępnienia większej liczby ogromnych stron.
Prawidłowe wartości to "always", "defer", "defer+madvise", "madvise" i "never". Wartość domyślna to "madvise". Aby uzyskać więcej informacji, zobacz Transparent Hugepages.
|
|
transparentHugePageEnabled
|
string
|
Czy włączono przezroczyste ogromne strony.
Prawidłowe wartości to "always", "madvise" i "never". Wartość domyślna to "zawsze". Aby uzyskać więcej informacji, zobacz Transparent Hugepages.
|
loadBalancerSku
Jednostka SKU modułu równoważenia obciążenia dla klastra zarządzanego.
| Nazwa |
Typ |
Opis |
|
basic
|
string
|
Użyj podstawowego modułu równoważenia obciążenia z ograniczoną funkcjonalnością.
|
|
standard
|
string
|
Użyj standardowego modułu równoważenia obciążenia. Jest to zalecana jednostka SKU modułu równoważenia obciążenia. Aby uzyskać więcej informacji na temat pracy z modułem równoważenia obciążenia w klastrze zarządzanym, zobacz artykuł standardowego modułu równoważenia obciążenia.
|
ManagedCluster
Klaster zarządzany.
| Nazwa |
Typ |
Opis |
|
eTag
|
string
|
Unikatowy ciąg tylko do odczytu używany do implementowania optymistycznej współbieżności. Wartość elementu eTag zmieni się po zaktualizowaniu zasobu. Określ nagłówek if-match lub if-none-match z wartością eTag dla kolejnego żądania, aby włączyć optymistyczną współbieżność zgodnie z normalną konwencją etag.
|
|
extendedLocation
|
ExtendedLocation
|
Rozszerzona lokalizacja maszyny wirtualnej.
|
|
id
|
string
|
W pełni kwalifikowany identyfikator zasobu dla zasobu. Np. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
|
|
identity
|
ManagedClusterIdentity
|
Tożsamość klastra zarządzanego, jeśli jest skonfigurowana.
|
|
location
|
string
|
Lokalizacja geograficzna, w której znajduje się zasób
|
|
name
|
string
|
Nazwa zasobu
|
|
properties.aadProfile
|
ManagedClusterAADProfile
|
AADProfile określa atrybuty integracji usługi Azure Active Directory.
Konfiguracja usługi Azure Active Directory.
|
|
properties.addonProfiles
|
<string,
ManagedClusterAddonProfile>
|
Profil dodatku klastra zarządzanego.
|
|
properties.agentPoolProfiles
|
ManagedClusterAgentPoolProfile[]
|
Właściwości puli agentów.
|
|
properties.apiServerAccessProfile
|
ManagedClusterAPIServerAccessProfile
|
Profil dostępu dla serwera interfejsu API klastra zarządzanego.
|
|
properties.autoScalerProfile
|
AutoScalerProfile
|
Parametry, które mają być stosowane do skalowania automatycznego klastra po włączeniu
|
|
properties.autoUpgradeProfile
|
ManagedClusterAutoUpgradeProfile
|
Konfiguracja automatycznego uaktualniania.
|
|
properties.azureMonitorProfile
|
ManagedClusterAzureMonitorProfile
|
Profile dodatków usługi Azure Monitor do monitorowania klastra zarządzanego.
|
|
properties.azurePortalFQDN
|
string
|
Specjalna nazwa FQDN używana przez witrynę Azure Portal do uzyskiwania dostępu do klastra zarządzanego. Ta nazwa FQDN jest używana tylko przez witrynę Azure Portal i nie powinna być używana przez innych klientów.
Witryna Azure Portal wymaga wysłania niektórych nagłówków współużytkowania zasobów między źródłami (CORS, Cross-Origin Resource Sharing) w niektórych odpowiedziach, które platforma Kubernetes APIServer nie obsługuje domyślnie. Ta specjalna nazwa FQDN obsługuje mechanizm CORS, co umożliwia prawidłowe działanie witryny Azure Portal.
|
|
properties.currentKubernetesVersion
|
string
|
Wersja rozwiązania Kubernetes, na którym działa klaster zarządzany.
Jeśli parametr kubernetesVersion był w pełni określoną wersją <główna.pomocnicza.patch>, to pole będzie dokładnie równe. Jeśli parametr kubernetesVersion został <wersja główna.pomocnicza>, to pole będzie zawierać pełną <wersji głównej.pomocnicza.patch>.
|
|
properties.disableLocalAccounts
|
boolean
|
Jeśli konta lokalne powinny być wyłączone w klastrze zarządzanym.
Jeśli ustawiono wartość true, pobieranie poświadczeń statycznych zostanie wyłączone dla tego klastra. Należy go używać tylko w klastrach zarządzanych z włączoną usługą AAD. Aby uzyskać więcej informacji, zobacz wyłączanie kont lokalnych.
|
|
properties.diskEncryptionSetID
|
string
|
Identyfikator zasobu szyfrowania dysku ustawiony na potrzeby włączania szyfrowania magazynowanych.
Jest to forma: "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/diskEncryptionSets/{encryptionSetName}"
|
|
properties.dnsPrefix
|
string
|
Prefiks DNS klastra zarządzanego.
Nie można go zaktualizować po utworzeniu klastra zarządzanego.
|
|
properties.enablePodSecurityPolicy
|
boolean
|
(PRZESTARZAŁE) Czy włączyć zasady zabezpieczeń zasobnika Kubernetes (wersja zapoznawcza). Funkcja PodSecurityPolicy została uznana za przestarzałą w wersji 1.21 platformy Kubernetes i usunięta z platformy Kubernetes w wersji 1.25. Dowiedz się więcej na temat https://aka.ms/k8s/psp i https://aka.ms/aks/psp.
|
|
properties.enableRBAC
|
boolean
|
Czy włączyć platformę Kubernetes Role-Based kontrola dostępu.
|
|
properties.fqdn
|
string
|
Nazwa FQDN puli głównej.
|
|
properties.fqdnSubdomain
|
string
|
Poddomena nazwy FQDN klastra prywatnego z niestandardową prywatną strefą DNS.
Nie można go zaktualizować po utworzeniu klastra zarządzanego.
|
|
properties.httpProxyConfig
|
ManagedClusterHTTPProxyConfig
|
Konfiguracje aprowizowania klastra za pomocą serwerów proxy HTTP.
|
|
properties.identityProfile
|
<string,
UserAssignedIdentity>
|
Tożsamość użytkownika skojarzona z klastrem zarządzanym. Ta tożsamość będzie używana przez narzędzie kubelet. Dozwolona jest tylko jedna tożsamość przypisana przez użytkownika. Jedynym akceptowanym kluczem jest "kubeletidentity", z wartością "resourceId": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}".
|
|
properties.ingressProfile
|
ManagedClusterIngressProfile
|
Profil ruchu przychodzącego dla klastra zarządzanego.
|
|
properties.kubernetesVersion
|
string
|
Wersja platformy Kubernetes określona przez użytkownika.
Obsługiwane są obie wersje poprawek <major.minor.patch> (np. 1.20.13) i <major.minor> (np. 1.20). Po określeniu <główna.pomocnicza> jest wybierana automatycznie najnowsza obsługiwana wersja poprawki ogólnie dostępnej. Aktualizowanie klastra przy użyciu tego samego <major.minor> po jego utworzeniu (np. 1.14.x —> 1.14) nie wyzwoli uaktualnienia, nawet jeśli jest dostępna nowsza wersja poprawki. Podczas uaktualniania obsługiwanego klastra usługi AKS nie można pominąć wersji pomocniczych platformy Kubernetes. Wszystkie uaktualnienia muszą być wykonywane sekwencyjnie według numeru wersji głównej. Na przykład uaktualnienia z zakresu 1.14.x —> 1.15.x lub 1.15.x —> 1.16.x są dozwolone, jednak wersja 1.14.x —> 1.16.x jest niedozwolona. Aby uzyskać więcej informacji, zobacz uaktualniania klastra usługi AKS.
|
|
properties.linuxProfile
|
ContainerServiceLinuxProfile
|
Profil maszyn wirtualnych z systemem Linux w klastrze zarządzanym.
|
|
properties.maxAgentPools
|
integer
|
Maksymalna liczba pul agentów dla klastra zarządzanego.
|
|
properties.metricsProfile
|
ManagedClusterMetricsProfile
|
Opcjonalna konfiguracja metryk klastra.
|
|
properties.networkProfile
|
ContainerServiceNetworkProfile
|
Profil konfiguracji sieci.
|
|
properties.nodeResourceGroup
|
string
|
Nazwa grupy zasobów zawierającej węzły puli agentów.
|
|
properties.nodeResourceGroupProfile
|
ManagedClusterNodeResourceGroupProfile
|
Profil konfiguracji grupy zasobów węzła.
|
|
properties.oidcIssuerProfile
|
ManagedClusterOIDCIssuerProfile
|
Profil wystawcy OIDC klastra zarządzanego.
|
|
properties.podIdentityProfile
|
ManagedClusterPodIdentityProfile
|
Profil tożsamości zasobnika klastra zarządzanego.
Aby uzyskać więcej informacji na temat integracji tożsamości zasobnika usługi AAD, zobacz korzystanie z tożsamości zasobnika usługi AAD.
|
|
properties.powerState
|
PowerState
|
Stan zasilania klastra.
|
|
properties.privateFQDN
|
string
|
Nazwa FQDN klastra prywatnego.
|
|
properties.privateLinkResources
|
PrivateLinkResource[]
|
Zasoby łącza prywatnego skojarzone z klastrem.
|
|
properties.provisioningState
|
string
|
Bieżący stan aprowizacji.
|
|
properties.publicNetworkAccess
|
PublicNetworkAccess
|
PublicNetworkAccess zarządzanegocluster
Zezwalanie na dostęp do sieci publicznej dla usługi AKS lub odmawianie dostępu do sieci publicznej
|
|
properties.resourceUID
|
string
|
Identyfikator resourceUID jednoznacznie identyfikuje klasy ManagedClusters, które ponownie użyją identyfikatorów ResourceId usługi ARM (tj. tworzenia, usuwania, tworzenia sekwencji)
|
|
properties.securityProfile
|
ManagedClusterSecurityProfile
|
Profil zabezpieczeń klastra zarządzanego.
|
|
properties.serviceMeshProfile
|
ServiceMeshProfile
|
Profil usługi Service Mesh dla klastra zarządzanego.
|
|
properties.servicePrincipalProfile
|
ManagedClusterServicePrincipalProfile
|
Informacje o tożsamości jednostki usługi dla klastra do użycia do manipulowania interfejsami API platformy Azure.
|
|
properties.storageProfile
|
ManagedClusterStorageProfile
|
Profil magazynu dla klastra zarządzanego.
|
|
properties.supportPlan
|
KubernetesSupportPlan
|
Plan pomocy technicznej dla klastra zarządzanego. Jeśli nie określono, wartość domyślna to "KubernetesOfficial".
|
|
properties.upgradeSettings
|
ClusterUpgradeSettings
|
Ustawienia uaktualniania klastra.
|
|
properties.windowsProfile
|
ManagedClusterWindowsProfile
|
Profil maszyn wirtualnych z systemem Windows w klastrze zarządzanym.
|
|
properties.workloadAutoScalerProfile
|
ManagedClusterWorkloadAutoScalerProfile
|
Profil automatycznego skalowania obciążenia dla klastra zarządzanego.
|
|
sku
|
ManagedClusterSKU
|
Jednostka SKU klastra zarządzanego.
|
|
systemData
|
systemData
|
Metadane usługi Azure Resource Manager zawierające informacje createdBy i modifiedBy.
|
|
tags
|
object
|
Tagi zasobów.
|
|
type
|
string
|
Typ zasobu. Np. "Microsoft.Compute/virtualMachines" lub "Microsoft.Storage/storageAccounts"
|
ManagedClusterAADProfile
AADProfile określa atrybuty integracji usługi Azure Active Directory.
| Nazwa |
Typ |
Opis |
|
adminGroupObjectIDs
|
string[]
|
Lista identyfikatorów obiektów grupy usługi AAD, które będą miały rolę administratora klastra.
|
|
clientAppID
|
string
|
(PRZESTARZAŁE) Identyfikator aplikacji usługi AAD klienta. Dowiedz się więcej na stronie https://aka.ms/aks/aad-legacy.
|
|
enableAzureRBAC
|
boolean
|
Czy włączyć kontrolę dostępu opartą na rolach platformy Azure dla autoryzacji platformy Kubernetes.
|
|
managed
|
boolean
|
Czy włączyć zarządzaną usługę AAD.
|
|
serverAppID
|
string
|
(PRZESTARZAŁE) Identyfikator aplikacji usługi AAD serwera. Dowiedz się więcej na stronie https://aka.ms/aks/aad-legacy.
|
|
serverAppSecret
|
string
|
(PRZESTARZAŁE) Wpis tajny aplikacji usługi AAD serwera. Dowiedz się więcej na stronie https://aka.ms/aks/aad-legacy.
|
|
tenantID
|
string
|
Identyfikator dzierżawy usługi AAD do użycia do uwierzytelniania. Jeśli nie zostanie określony, użyje dzierżawy subskrypcji wdrożenia.
|
ManagedClusterAddonProfile
Profil dodatku Kubernetes dla klastra zarządzanego.
| Nazwa |
Typ |
Opis |
|
config
|
object
|
Pary klucz-wartość do konfigurowania dodatku.
|
|
enabled
|
boolean
|
Czy dodatek jest włączony, czy nie.
|
|
identity
|
Identity
|
Informacje o tożsamości przypisanej przez użytkownika używanej przez ten dodatek.
|
ManagedClusterAgentPoolProfile
Profil puli agentów usługi kontenera.
| Nazwa |
Typ |
Domyślna wartość |
Opis |
|
availabilityZones
|
string[]
|
|
Lista stref dostępności do użycia dla węzłów. Można to określić tylko wtedy, gdy właściwość AgentPoolType to "VirtualMachineScaleSets".
|
|
capacityReservationGroupID
|
string
|
|
W pełni kwalifikowany identyfikator zasobu grupy rezerwacji pojemności w celu udostępnienia maszyn wirtualnych z zarezerwowanej grupy maszyn wirtualnych.
Usługa AKS skojarzy określoną pulę agentów z grupą rezerwacji pojemności.
|
|
count
|
integer
|
|
Liczba agentów (maszyn wirtualnych) do hostowania kontenerów platformy Docker. Dozwolone wartości muszą należeć do zakresu od 0 do 1000 (włącznie) dla pul użytkowników i w zakresie od 1 do 1000 (włącznie) dla pul systemowych. Wartość domyślna to 1.
|
|
creationData
|
CreationData
|
|
CreationData do określenia źródłowego identyfikatora migawki, jeśli pula węzłów zostanie utworzona/uaktualniona przy użyciu migawki.
|
|
currentOrchestratorVersion
|
string
|
|
Wersja platformy Kubernetes, z uruchomioną pulą agentów.
Jeśli orchestratorVersion jest w pełni określoną wersją <major.minor.patch>, to pole będzie dokładnie równe. Jeśli element orchestratorVersion ma wartość <major.minor>, to pole będzie zawierać pełną <wersji głównej.pomocniczej.patch> używanej.
|
|
eTag
|
string
|
|
Unikatowy ciąg tylko do odczytu używany do implementowania optymistycznej współbieżności. Wartość elementu eTag zmieni się po zaktualizowaniu zasobu. Określ nagłówek if-match lub if-none-match z wartością eTag dla kolejnego żądania, aby włączyć optymistyczną współbieżność zgodnie z normalną konwencją etag.
|
|
enableAutoScaling
|
boolean
|
|
Czy włączyć automatyczne skalowanie
|
|
enableEncryptionAtHost
|
boolean
|
|
Czy włączyć szyfrowanie dysków danych i systemu operacyjnego opartego na hoście.
Jest to obsługiwane tylko w przypadku niektórych rozmiarów maszyn wirtualnych i w niektórych regionach świadczenia usługi Azure. Aby uzyskać więcej informacji, zobacz: https://docs.microsoft.com/azure/aks/enable-host-encryption
|
|
enableFIPS
|
boolean
|
|
Czy używać systemu operacyjnego z obsługą protokołu FIPS.
Aby uzyskać więcej informacji, zobacz Dodawanie puli węzłów z obsługą protokołu FIPS.
|
|
enableNodePublicIP
|
boolean
|
|
Określa, czy każdy węzeł jest przydzielany do własnego publicznego adresu IP.
Niektóre scenariusze mogą wymagać, aby węzły w puli węzłów odbierały własne dedykowane publiczne adresy IP. Typowy scenariusz dotyczy obciążeń gier, w których konsola musi nawiązać bezpośrednie połączenie z maszyną wirtualną w chmurze, aby zminimalizować przeskoki. Aby uzyskać więcej informacji, zobacz przypisywanie publicznego adresu IP na węzeł. Wartość domyślna to false.
|
|
enableUltraSSD
|
boolean
|
|
Czy włączyć warstwę UltraSSD
|
|
gpuInstanceProfile
|
GPUInstanceProfile
|
|
GpuInstanceProfile do użycia w celu określenia profilu wystąpienia migracji procesora GPU dla obsługiwanej jednostki SKU maszyny wirtualnej procesora GPU.
|
|
hostGroupID
|
string
|
|
W pełni kwalifikowany identyfikator zasobu dedykowanej grupy hostów do aprowizowania maszyn wirtualnych używany tylko w scenariuszu tworzenia i nie może zmienić się po ustawieniu.
Jest to formularz: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/hostGroups/{hostGroupName}. Aby uzyskać więcej informacji, zobacz dedykowanych hostów platformy Azure.
|
|
kubeletConfig
|
KubeletConfig
|
|
Konfiguracje usługi Kubelet węzłów agenta.
Konfiguracja rozwiązania Kubelet w węzłach puli agentów.
|
|
kubeletDiskType
|
KubeletDiskType
|
|
Określa umieszczanie woluminów emptyDir, katalogu głównego danych środowiska uruchomieniowego kontenera i magazynu efemerycznego Kubelet.
|
|
linuxOSConfig
|
LinuxOSConfig
|
|
Konfiguracje systemu operacyjnego węzłów agenta systemu Linux.
Konfiguracja systemu operacyjnego węzłów agenta systemu Linux.
|
|
maxCount
|
integer
|
|
Maksymalna liczba węzłów do automatycznego skalowania
|
|
maxPods
|
integer
|
|
Maksymalna liczba zasobników, które mogą być uruchamiane w węźle.
|
|
minCount
|
integer
|
|
Minimalna liczba węzłów do automatycznego skalowania
|
|
mode
|
AgentPoolMode
|
|
Tryb puli agentów.
Klaster musi mieć co najmniej jedną pulę agentów "System" przez cały czas. Aby uzyskać dodatkowe informacje na temat ograniczeń puli agentów i najlepszych rozwiązań, zobacz: https://docs.microsoft.com/azure/aks/use-system-pools
|
|
name
|
string
|
|
Unikatowa nazwa profilu puli agentów w kontekście subskrypcji i grupy zasobów.
Nazwy puli agentów systemu Windows muszą zawierać co najmniej 6 znaków.
|
|
networkProfile
|
AgentPoolNetworkProfile
|
|
Ustawienia związane z siecią puli agentów.
|
|
nodeImageVersion
|
string
|
|
Wersja obrazu węzła
|
|
nodeLabels
|
object
|
|
Etykiety węzłów, które mają być utrwalane we wszystkich węzłach w puli agentów.
|
|
nodePublicIPPrefixID
|
string
|
|
Identyfikator prefiksu publicznego adresu IP, z którego węzły maszyny wirtualnej powinny używać adresów IP.
Jest to forma: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPPrefixes/{publicIPPrefixName}
|
|
nodeTaints
|
string[]
|
|
Defekty dodane do nowych węzłów podczas tworzenia i skalowania puli węzłów. Na przykład key=value:NoSchedule.
|
|
orchestratorVersion
|
string
|
|
Wersja platformy Kubernetes określona przez użytkownika.
Obsługiwane są obie wersje poprawek <major.minor.patch> (np. 1.20.13) i <major.minor> (np. 1.20). Po określeniu <główna.pomocnicza> jest wybierana automatycznie najnowsza obsługiwana wersja poprawki ogólnie dostępnej. Aktualizowanie klastra przy użyciu tego samego <major.minor> po jego utworzeniu (np. 1.14.x —> 1.14) nie wyzwoli uaktualnienia, nawet jeśli jest dostępna nowsza wersja poprawki. Najlepszym rozwiązaniem jest uaktualnienie wszystkich pul węzłów w klastrze usługi AKS do tej samej wersji rozwiązania Kubernetes. Wersja puli węzłów musi mieć taką samą wersję główną jak płaszczyzna sterowania. Wersja pomocnicza puli węzłów musi należeć do dwóch wersji pomocniczych wersji płaszczyzny sterowania. Wersja puli węzłów nie może być większa niż wersja płaszczyzny sterowania. Aby uzyskać więcej informacji, zobacz uaktualnianie puli węzłów.
|
|
osDiskSizeGB
|
integer
|
|
Rozmiar dysku systemu operacyjnego w GB do określenia rozmiaru dysku dla każdej maszyny w puli głównej/agenta. Jeśli określisz wartość 0, zostanie zastosowana domyślna wartość osDisk size zgodnie z określoną wartością vmSize.
|
|
osDiskType
|
OSDiskType
|
|
Typ dysku systemu operacyjnego, który ma być używany dla maszyn w puli agentów.
Wartość domyślna to "Efemeryczna", jeśli maszyna wirtualna ją obsługuje i ma dysk pamięci podręcznej większy niż żądany dysk OSDiskSizeGB. W przeciwnym razie wartość domyślna to "Zarządzane". Nie można zmienić po utworzeniu. Aby uzyskać więcej informacji, zobacz efemeryczny system operacyjny.
|
|
osSKU
|
OSSKU
|
|
Określa jednostkę SKU systemu operacyjnego używaną przez pulę agentów. Wartość domyślna to Ubuntu, jeśli typ systemu operacyjnego to Linux. Wartość domyślna to Windows2019, gdy platforma Kubernetes <= 1.24 lub Windows2022, gdy platforma Kubernetes >= 1,25, jeśli typ systemu operacyjnego to Windows.
|
|
osType
|
OSType
|
Linux
|
Typ systemu operacyjnego. Wartość domyślna to Linux.
|
|
podSubnetID
|
string
|
|
Identyfikator podsieci, która zasobniki zostaną przyłączone po uruchomieniu.
W przypadku pominięcia adresy IP zasobników są statycznie przypisywane w podsieci węzła (zobacz vnetSubnetID, aby uzyskać więcej informacji). Jest to forma: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}
|
|
powerState
|
PowerState
|
|
Niezależnie od tego, czy pula agentów jest uruchomiona, czy zatrzymana.
Po pierwszym utworzeniu puli agentów jest ona początkowo uruchomiona. Pulę agentów można zatrzymać, ustawiając to pole na Zatrzymano. Zatrzymana pula agentów zatrzymuje wszystkie maszyny wirtualne i nie nalicza opłat za rozliczenia. Pulę agentów można zatrzymać tylko wtedy, gdy jest uruchomiona, a stan aprowizacji to Powodzenie
|
|
provisioningState
|
string
|
|
Bieżący stan wdrożenia lub aprowizacji.
|
|
proximityPlacementGroupID
|
string
|
|
Identyfikator grupy umieszczania w pobliżu.
|
|
scaleDownMode
|
ScaleDownMode
|
|
Tryb skalowania w dół używany podczas skalowania puli agentów.
Ma to również wpływ na zachowanie narzędzia do automatycznego skalowania klastra. Jeśli nie zostanie określony, domyślnie ma wartość Usuń.
|
|
scaleSetEvictionPolicy
|
ScaleSetEvictionPolicy
|
Delete
|
Zasady eksmisji zestawu skalowania maszyn wirtualnych do użycia.
Nie można tego określić, chyba że element scaleSetPriority ma wartość "Spot". Jeśli nie zostanie określony, wartość domyślna to "Usuń".
|
|
scaleSetPriority
|
ScaleSetPriority
|
Regular
|
Priorytet zestawu skalowania maszyn wirtualnych. Jeśli nie zostanie określony, wartość domyślna to "Regular".
|
|
securityProfile
|
AgentPoolSecurityProfile
|
|
Ustawienia zabezpieczeń puli agentów.
|
|
spotMaxPrice
|
number
|
-1
|
Maksymalna cena (w dolarach amerykańskich) jest gotowa zapłacić za wystąpienia typu spot. Możliwe wartości to dowolna wartość dziesiętna większa niż zero lub -1, która wskazuje, że domyślna cena ma być up-to na żądanie.
Możliwe wartości to dowolna wartość dziesiętna większa niż zero lub -1, która wskazuje gotowość do zapłaty dowolnej ceny na żądanie. Aby uzyskać więcej informacji na temat cennika typu spot, zobacz cennik maszyn wirtualnych typu spot
|
|
tags
|
object
|
|
Tagi, które mają być utrwalane w zestawie skalowania maszyn wirtualnych puli agentów.
|
|
type
|
AgentPoolType
|
|
Typ puli agentów.
|
|
upgradeSettings
|
AgentPoolUpgradeSettings
|
|
Ustawienia uaktualniania puli agentów
|
|
vmSize
|
string
|
|
Rozmiar maszyn wirtualnych puli agentów.
Dostępność rozmiaru maszyny wirtualnej różni się w zależności od regionu. Jeśli węzeł zawiera niewystarczające zasoby obliczeniowe (pamięć, procesor itp.), zasobniki mogą nie działać poprawnie. Aby uzyskać więcej informacji na temat ograniczonych rozmiarów maszyn wirtualnych, zobacz: https://docs.microsoft.com/azure/aks/quotas-skus-regions
|
|
vnetSubnetID
|
string
|
|
Identyfikator podsieci, która węzły puli agentów i opcjonalnie zasobniki zostaną przyłączone podczas uruchamiania.
Jeśli ta wartość nie zostanie określona, zostanie wygenerowana i użyta sieć wirtualna oraz podsieć. Jeśli nie określono parametru podSubnetID, dotyczy to węzłów i zasobników, w przeciwnym razie dotyczy tylko węzłów. Jest to forma: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}/subnets/{subnetName}
|
|
windowsProfile
|
AgentPoolWindowsProfile
|
|
Określony profil puli agentów systemu Windows.
|
|
workloadRuntime
|
WorkloadRuntime
|
|
Określa typ obciążenia, który może uruchomić węzeł.
|
ManagedClusterAPIServerAccessProfile
Profil dostępu dla serwera interfejsu API klastra zarządzanego.
| Nazwa |
Typ |
Opis |
|
authorizedIPRanges
|
string[]
|
Zakresy adresów IP autoryzowane do uzyskiwania dostępu do serwera interfejsu API Kubernetes.
Zakresy adresów IP są określane w formacie CIDR, np. 137.117.106.88/29. Ta funkcja nie jest zgodna z klastrami korzystającymi z publicznego adresu IP na węzeł lub klastrów korzystających z podstawowego modułu równoważenia obciążenia. Aby uzyskać więcej informacji, zobacz autoryzowanych zakresów adresów IP serwera interfejsu API.
|
|
disableRunCommand
|
boolean
|
Czy wyłączyć uruchamianie polecenia dla klastra, czy nie.
|
|
enablePrivateCluster
|
boolean
|
Czy klaster ma zostać utworzony jako klaster prywatny, czy nie.
Aby uzyskać więcej informacji, zobacz Tworzenie prywatnego klastra usługi AKS.
|
|
enablePrivateClusterPublicFQDN
|
boolean
|
Czy utworzyć dodatkową publiczną nazwę FQDN dla klastra prywatnego, czy nie.
|
|
privateDNSZone
|
string
|
Prywatny tryb strefy DNS dla klastra.
Wartość domyślna to System. Aby uzyskać więcej informacji, zobacz konfigurowanie prywatnej strefy DNS. Dozwolone wartości to "system" i "none".
|
ManagedClusterAutoUpgradeProfile
Profil automatycznego uaktualniania dla klastra zarządzanego.
ManagedClusterAzureMonitorProfile
Profile dodatków usługi Azure Monitor do monitorowania klastra zarządzanego.
| Nazwa |
Typ |
Opis |
|
metrics
|
ManagedClusterAzureMonitorProfileMetrics
|
Profil metryk dla usługi zarządzanej Azure Monitor dla dodatku Prometheus. Zbierz gotowe metryki infrastruktury kubernetes, aby wysyłać je do obszaru roboczego usługi Azure Monitor i konfigurować dodatkowe złomowanie dla niestandardowych obiektów docelowych. Aby zapoznać się z omówieniem, zobacz aka.ms/AzureManagedPrometheus.
|
ManagedClusterAzureMonitorProfileKubeStateMetrics
Profil metryk stanu platformy Kube dla dodatku Prometheus zarządzanego przez platformę Azure. Te opcjonalne ustawienia dotyczą zasobnika kube-state-metrics wdrożonego za pomocą dodatku. Aby uzyskać szczegółowe informacje, zobacz aka.ms/AzureManagedPrometheus-optional-parameters.
| Nazwa |
Typ |
Opis |
|
metricAnnotationsAllowList
|
string
|
Rozdzielona przecinkami lista kluczy adnotacji Kubernetes, które będą używane w metryce etykiet zasobu (przykład: "namespaces=[kubernetes.io/team,...],pods=[kubernetes.io/team],..."). Domyślnie metryka zawiera tylko nazwy zasobu i etykiety przestrzeni nazw.
|
|
metricLabelsAllowlist
|
string
|
Rozdzielona przecinkami lista dodatkowych kluczy etykiet Kubernetes, które będą używane w metryce etykiet zasobu (przykład: "namespaces=[k8s-label-1,k8s-label-n,...],pods=[app],...". Domyślnie metryka zawiera tylko nazwy zasobu i etykiety przestrzeni nazw.
|
ManagedClusterAzureMonitorProfileMetrics
Profil metryk dla usługi zarządzanej Azure Monitor dla dodatku Prometheus. Zbierz gotowe metryki infrastruktury kubernetes, aby wysyłać je do obszaru roboczego usługi Azure Monitor i konfigurować dodatkowe złomowanie dla niestandardowych obiektów docelowych. Aby zapoznać się z omówieniem, zobacz aka.ms/AzureManagedPrometheus.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy włączyć lub wyłączyć dodatek Prometheus zarządzany przez platformę Azure na potrzeby monitorowania rozwiązania Prometheus. Aby uzyskać szczegółowe informacje na temat włączania i wyłączania, zobacz aka.ms/AzureManagedPrometheus-aks-enable.
|
|
kubeStateMetrics
|
ManagedClusterAzureMonitorProfileKubeStateMetrics
|
Profil metryk stanu platformy Kube dla dodatku Prometheus zarządzanego przez platformę Azure. Te opcjonalne ustawienia dotyczą zasobnika kube-state-metrics wdrożonego za pomocą dodatku. Aby uzyskać szczegółowe informacje, zobacz aka.ms/AzureManagedPrometheus-optional-parameters.
|
ManagedClusterCostAnalysis
Konfiguracja analizy kosztów klastra
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy włączyć analizę kosztów
Aby włączyć tę funkcję, musi być ustawiona wartość "Standardowa" lub "Premium". Włączenie tej opcji spowoduje dodanie szczegółów przestrzeni nazw i wdrożenia platformy Kubernetes do widoków Analiza kosztów w witrynie Azure Portal. Jeśli nie zostanie określony, wartość domyślna to false. Aby uzyskać więcej informacji, zobacz aka.ms/aks/docs/cost-analysis.
|
ManagedClusterHTTPProxyConfig
Konfiguracja serwera proxy HTTP klastra.
| Nazwa |
Typ |
Opis |
|
httpProxy
|
string
|
Punkt końcowy serwera proxy HTTP do użycia.
|
|
httpsProxy
|
string
|
Punkt końcowy serwera proxy HTTPS do użycia.
|
|
noProxy
|
string[]
|
Punkty końcowe, które nie powinny przechodzić przez serwer proxy.
|
|
trustedCa
|
string
|
Alternatywny certyfikat urzędu certyfikacji do użycia do nawiązywania połączenia z serwerami proxy.
|
ManagedClusterIdentity
Tożsamość klastra zarządzanego.
| Nazwa |
Typ |
Opis |
|
delegatedResources
|
<string,
DelegatedResource>
|
Delegowane zasoby tożsamości przypisane do tego klastra zarządzanego. Można to ustawić tylko przez innego dostawcę zasobów platformy Azure, a klaster zarządzany akceptuje tylko jeden delegowany zasób tożsamości. Tylko do użytku wewnętrznego.
|
|
principalId
|
string
|
Identyfikator podmiotu zabezpieczeń tożsamości przypisanej przez system, który jest używany przez składniki główne.
|
|
tenantId
|
string
|
Identyfikator dzierżawy tożsamości przypisanej przez system, która jest używana przez składniki główne.
|
|
type
|
ResourceIdentityType
|
Typ tożsamości używany dla klastra zarządzanego.
Aby uzyskać więcej informacji, zobacz use managed identities in AKS.
|
|
userAssignedIdentities
|
UserAssignedIdentities
|
Tożsamość użytkownika skojarzona z klastrem zarządzanym. Ta tożsamość będzie używana w płaszczyźnie sterowania. Dozwolona jest tylko jedna tożsamość przypisana przez użytkownika.
Klucze muszą być identyfikatorami zasobów usługi ARM w postaci: "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}".
|
ManagedClusterIngressProfile
Profil ruchu przychodzącego dla klastra usługi kontenera.
ManagedClusterIngressProfileWebAppRouting
Ustawienia dodatku routingu aplikacji dla profilu ruchu przychodzącego.
| Nazwa |
Typ |
Opis |
|
dnsZoneResourceIds
|
string[]
|
Identyfikatory zasobów stref DNS, które mają być skojarzone z dodatkiem Routing aplikacji. Używane tylko wtedy, gdy dodatek routingu aplikacji jest włączony. Publiczne i prywatne strefy DNS mogą znajdować się w różnych grupach zasobów, ale wszystkie publiczne strefy DNS muszą znajdować się w tej samej grupie zasobów, a wszystkie prywatne strefy DNS muszą znajdować się w tej samej grupie zasobów.
|
|
enabled
|
boolean
|
Czy włączyć dodatek routingu aplikacji.
|
|
identity
|
UserAssignedIdentity
|
Tożsamość zarządzana dodatku routingu aplikacji. Jest to tożsamość, która powinna mieć przyznane uprawnienia, na przykład do zarządzania skojarzonym zasobem usługi Azure DNS i pobierania certyfikatów z usługi Azure Key Vault. Aby uzyskać więcej instrukcji, zobacz omówienie dodatku.
|
ManagedClusterLoadBalancerProfile
Profil modułu równoważenia obciążenia klastra zarządzanego.
| Nazwa |
Typ |
Domyślna wartość |
Opis |
|
allocatedOutboundPorts
|
integer
|
0
|
Żądana liczba przydzielonych portów SNAT na maszynę wirtualną. Dozwolone wartości znajdują się w zakresie od 0 do 64000 (włącznie). Wartość domyślna to 0, co powoduje dynamiczne przydzielanie portów na platformie Azure.
|
|
backendPoolType
|
BackendPoolType
|
NodeIPConfiguration
|
Typ zarządzanej puli zaplecza modułu równoważenia obciążenia dla ruchu przychodzącego.
|
|
effectiveOutboundIPs
|
ResourceReference[]
|
|
Efektywne zasoby adresów IP ruchu wychodzącego modułu równoważenia obciążenia klastra.
|
|
enableMultipleStandardLoadBalancers
|
boolean
|
|
Włącz wiele standardowych modułów równoważenia obciążenia na klaster usługi AKS lub nie.
|
|
idleTimeoutInMinutes
|
integer
|
30
|
Żądany limit czasu bezczynności przepływu wychodzącego w minutach. Dozwolone wartości znajdują się w zakresie od 4 do 120 (włącznie). Wartość domyślna to 30 minut.
|
|
managedOutboundIPs
|
ManagedOutboundIPs
|
|
Żądane zarządzane adresy IP ruchu wychodzącego dla modułu równoważenia obciążenia klastra.
|
|
outboundIPPrefixes
|
OutboundIPPrefixes
|
|
Żądane zasoby prefiksu adresów IP dla modułu równoważenia obciążenia klastra.
|
|
outboundIPs
|
OutboundIPs
|
|
Żądane zasoby adresów IP ruchu wychodzącego dla modułu równoważenia obciążenia klastra.
|
ManagedClusterManagedOutboundIPProfile
Profil zarządzanych zasobów wychodzących IP klastra zarządzanego.
| Nazwa |
Typ |
Domyślna wartość |
Opis |
|
count
|
integer
|
1
|
Żądana liczba wychodzących adresów IP utworzonych/zarządzanych przez platformę Azure. Dozwolone wartości muszą należeć do zakresu od 1 do 16 (włącznie). Wartość domyślna to 1.
|
ManagedClusterMetricsProfile
Profil metryk zarządzanychcluster.
| Nazwa |
Typ |
Opis |
|
costAnalysis
|
ManagedClusterCostAnalysis
|
Konfiguracja szczegółowej analizy kosztów zasobów platformy Kubernetes.
Konfiguracja analizy kosztów klastra
|
ManagedClusterNATGatewayProfile
Profil bramy translatora adresów sieciowych klastra zarządzanego.
| Nazwa |
Typ |
Domyślna wartość |
Opis |
|
effectiveOutboundIPs
|
ResourceReference[]
|
|
Efektywne zasoby adresów IP ruchu wychodzącego bramy translatora adresów sieciowych klastra.
|
|
idleTimeoutInMinutes
|
integer
|
4
|
Żądany limit czasu bezczynności przepływu wychodzącego w minutach. Dozwolone wartości znajdują się w zakresie od 4 do 120 (włącznie). Wartość domyślna to 4 minuty.
|
|
managedOutboundIPProfile
|
ManagedClusterManagedOutboundIPProfile
|
|
Profil zarządzanych zasobów wychodzących IP bramy translatora adresów sieciowych klastra.
|
ManagedClusterNodeResourceGroupProfile
Profil blokady grupy zasobów węzła dla klastra zarządzanego.
| Nazwa |
Typ |
Opis |
|
restrictionLevel
|
RestrictionLevel
|
Poziom ograniczeń zastosowany do grupy zasobów węzła klastra. Jeśli nie zostanie określony, wartość domyślna to "Bez ograniczeń"
|
ManagedClusterOIDCIssuerProfile
Profil wystawcy OIDC klastra zarządzanego.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy wystawca OIDC jest włączony.
|
|
issuerURL
|
string
|
Adres URL wystawcy OIDC klastra zarządzanego.
|
ManagedClusterPodIdentity
Szczegółowe informacje o tożsamości zasobnika przypisanej do klastra zarządzanego.
| Nazwa |
Typ |
Opis |
|
bindingSelector
|
string
|
Selektor powiązania do użycia dla zasobu AzureIdentityBinding.
|
|
identity
|
UserAssignedIdentity
|
Szczegóły tożsamości przypisanej przez użytkownika.
|
|
name
|
string
|
Nazwa tożsamości zasobnika.
|
|
namespace
|
string
|
Przestrzeń nazw tożsamości zasobnika.
|
|
provisioningInfo
|
ProvisioningInfo
|
|
|
provisioningState
|
ManagedClusterPodIdentityProvisioningState
|
Bieżący stan aprowizacji tożsamości zasobnika.
|
ManagedClusterPodIdentityException
Wyjątek tożsamości zasobnika, który umożliwia zasobnikom z określonymi etykietami dostęp do punktu końcowego usługi Azure Instance Metadata Service (IMDS) bez przechwytywania przez serwer tożsamości zarządzanej węzła (NMI).
| Nazwa |
Typ |
Opis |
|
name
|
string
|
Nazwa wyjątku tożsamości zasobnika.
|
|
namespace
|
string
|
Przestrzeń nazw wyjątku tożsamości zasobnika.
|
|
podLabels
|
object
|
Etykiety zasobników do dopasowania.
|
ManagedClusterPodIdentityProfile
Profil tożsamości zasobnika klastra zarządzanego.
| Nazwa |
Typ |
Opis |
|
allowNetworkPluginKubenet
|
boolean
|
Określa, czy tożsamość zasobnika może być uruchamiana w klastrach z siecią Kubenet.
Uruchamianie w usłudze Kubenet jest domyślnie wyłączone ze względu na charakter związany z zabezpieczeniami tożsamości zasobnika usługi AAD i ryzyko fałszowania adresów IP. Aby uzyskać więcej informacji, zobacz using Kubenet network plugin with AAD Pod Identity (Wtyczka sieci kubenet z tożsamością zasobnika usługi AAD).
|
|
enabled
|
boolean
|
Czy dodatek tożsamości zasobnika jest włączony.
|
|
userAssignedIdentities
|
ManagedClusterPodIdentity[]
|
Tożsamości zasobników do użycia w klastrze.
|
|
userAssignedIdentityExceptions
|
ManagedClusterPodIdentityException[]
|
Wyjątki dotyczące tożsamości zasobnika, które mają być dozwolone.
|
ManagedClusterPodIdentityProvisioningError
Odpowiedź na błąd z aprowizacji tożsamości zasobnika.
ManagedClusterPodIdentityProvisioningErrorBody
Odpowiedź na błąd z aprowizacji tożsamości zasobnika.
| Nazwa |
Typ |
Opis |
|
code
|
string
|
Identyfikator błędu. Kody są niezmienne i mają być używane programowo.
|
|
details
|
ManagedClusterPodIdentityProvisioningErrorBody[]
|
Lista dodatkowych szczegółów dotyczących błędu.
|
|
message
|
string
|
Komunikat opisujący błąd, który ma być odpowiedni do wyświetlania w interfejsie użytkownika.
|
|
target
|
string
|
Element docelowy określonego błędu. Na przykład nazwa właściwości w błędzie.
|
ManagedClusterPodIdentityProvisioningState
Bieżący stan aprowizacji tożsamości zasobnika.
| Nazwa |
Typ |
Opis |
|
Assigned
|
string
|
|
|
Canceled
|
string
|
|
|
Deleting
|
string
|
|
|
Failed
|
string
|
|
|
Succeeded
|
string
|
|
|
Updating
|
string
|
|
ManagedClusterSecurityProfile
Profil zabezpieczeń klastra usługi kontenera.
ManagedClusterSecurityProfileDefender
Ustawienia usługi Microsoft Defender dla profilu zabezpieczeń.
| Nazwa |
Typ |
Opis |
|
logAnalyticsWorkspaceResourceId
|
string
|
Identyfikator zasobu obszaru roboczego usługi Log Analytics, który ma być skojarzony z usługą Microsoft Defender. Gdy usługa Microsoft Defender jest włączona, to pole jest wymagane i musi być prawidłowym identyfikatorem zasobu obszaru roboczego. Gdy usługa Microsoft Defender jest wyłączona, pozostaw pole puste.
|
|
securityMonitoring
|
ManagedClusterSecurityProfileDefenderSecurityMonitoring
|
Wykrywanie zagrożeń w usłudze Microsoft Defender dla ustawień chmury dla profilu zabezpieczeń.
|
ManagedClusterSecurityProfileDefenderSecurityMonitoring
Ustawienia usługi Microsoft Defender dla wykrywania zagrożeń profilu zabezpieczeń.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy włączyć wykrywanie zagrożeń w usłudze Defender
|
ManagedClusterSecurityProfileImageCleaner
Narzędzie Image Cleaner usuwa nieużywane obrazy z węzłów, zwalniając miejsce na dysku i pomagając zmniejszyć obszar powierzchni podatnej na ataki. Poniżej przedstawiono ustawienia profilu zabezpieczeń.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy włączyć narzędzie Image Cleaner w klastrze usługi AKS.
|
|
intervalHours
|
integer
|
Interwał skanowania czyszczenia obrazów w godzinach.
|
ManagedClusterSecurityProfileWorkloadIdentity
Ustawienia tożsamości obciążenia dla profilu zabezpieczeń.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy włączyć tożsamość obciążenia.
|
ManagedClusterServicePrincipalProfile
Informacje o tożsamości jednostki usługi dla klastra do użycia do manipulowania interfejsami API platformy Azure.
| Nazwa |
Typ |
Opis |
|
clientId
|
string
|
Identyfikator jednostki usługi.
|
|
secret
|
string
|
Hasło tajne skojarzone z jednostką usługi w postaci zwykłego tekstu.
|
ManagedClusterSKU
Jednostka SKU klastra zarządzanego.
ManagedClusterSKUName
Nazwa jednostki SKU klastra zarządzanego.
| Nazwa |
Typ |
Opis |
|
Base
|
string
|
Opcja podstawowa dla płaszczyzny sterowania usługi AKS.
|
ManagedClusterSKUTier
Warstwa jednostki SKU klastra zarządzanego.
| Nazwa |
Typ |
Opis |
|
Free
|
string
|
Zarządzanie klastrem jest bezpłatne, ale naliczane są opłaty za użycie maszyn wirtualnych, magazynu i sieci. Najlepsze w przypadku eksperymentów, uczenia się, prostego testowania lub obciążeń z mniej niż 10 węzłami. Niezalecane w przypadku przypadków użycia w środowisku produkcyjnym.
|
|
Premium
|
string
|
Klaster ma funkcje w warstwie Premium oprócz wszystkich funkcji dostępnych w wersji "Standardowa". Wersja Premium umożliwia wybór opcji LongTermSupport (aka.ms/aks/lts) dla niektórych wersji platformy Kubernetes.
|
|
Standard
|
string
|
Zalecane w przypadku obciążeń o znaczeniu krytycznym i produkcyjnym. Obejmuje automatyczne skalowanie płaszczyzny sterowania Platformy Kubernetes, testowanie intensywnie korzystające z obciążenia i maksymalnie 5000 węzłów na klaster. Gwarantuje dostępność punktu końcowego serwera interfejsu API Kubernetes w wersji 99.95% dla klastrów korzystających ze stref dostępności i 99,9% dostępności dla klastrów, które nie korzystają ze stref dostępności.
|
ManagedClusterStorageProfile
Profil magazynu dla klastra usługi kontenera.
ManagedClusterStorageProfileBlobCSIDriver
Ustawienia sterownika CSI usługi AzureBlob dla profilu magazynu.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy włączyć sterownik AZUREBlob CSI. Wartość domyślna to false.
|
ManagedClusterStorageProfileDiskCSIDriver
Ustawienia sterownika AZUREDisk CSI dla profilu magazynu.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy włączyć sterownik AzureDisk CSI. Wartość domyślna to true.
|
ManagedClusterStorageProfileFileCSIDriver
Ustawienia sterownika AZUREFile CSI dla profilu magazynu.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy włączyć sterownik AzureFile CSI. Wartość domyślna to true.
|
ManagedClusterStorageProfileSnapshotController
Ustawienia kontrolera migawek dla profilu magazynu.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy włączyć kontroler migawek. Wartość domyślna to true.
|
ManagedClusterWindowsProfile
Profil maszyn wirtualnych z systemem Windows w klastrze zarządzanym.
| Nazwa |
Typ |
Opis |
|
adminPassword
|
string
|
Określa hasło konta administratora.
minimalna długość : 8 znaków
maksymalna długość: 123 znaków
wymagania dotyczące złożoności: należy spełnić 3 na 4 poniższe warunki
Ma małe znaki
Ma wielkie znaki
Ma cyfrę
Ma znak specjalny (dopasowanie wyrażenia regularnego [\W_])
niedozwolone wartości: "abc@123", "P@$$w 0rd", "P@ssw0rd", "P@ssword123", "Pa$$word", "pass@word1", "Password!", "Password1", "Password22", "iloveyou!"
|
|
adminUsername
|
string
|
Określa nazwę konta administratora.
Ograniczenie: Nie można zakończyć się "."
niedozwolone wartości: "administrator", "admin", "user", "user1", "test", "user2", "test1", "user3", "admin1", "admin1", "1", "123", "a", "actuser", "adm", "admin2", "aspnet", "backup", "console", "david", "guest", "john", "owner", "root", "server", "sql", "support", "support_388945a0", "sys", "test2", "test3", "user4", "user5".
minimalna długość : 1 znak
maksymalna długość: 20 znaków
|
|
enableCSIProxy
|
boolean
|
Czy włączyć serwer proxy CSI.
Aby uzyskać więcej informacji na temat serwera proxy CSI, zobacz repozytorium GitHub proxy CSI.
|
|
gmsaProfile
|
WindowsGmsaProfile
|
Profil gMSA systemu Windows w klastrze zarządzanym.
|
|
licenseType
|
licenseType
|
Typ licencji do użycia dla maszyn wirtualnych z systemem Windows. Aby uzyskać więcej informacji, zobacz korzyści użycia hybrydowego platformy Azure.
|
ManagedClusterWorkloadAutoScalerProfile
Profil automatycznego skalowania obciążenia dla klastra zarządzanego.
ManagedClusterWorkloadAutoScalerProfileKeda
Ustawienia skalowania automatycznego opartego na zdarzeniach platformy KEDA (Kubernetes Event-driven Autoscaling) dla profilu automatycznego skalowania obciążenia.
| Nazwa |
Typ |
Opis |
|
enabled
|
boolean
|
Czy włączyć usługę KEDA.
|
ManagedClusterWorkloadAutoScalerProfileVerticalPodAutoscaler
Ustawienia narzędzia VPA (vertical Pod Autoscaler) dla profilu automatycznego skalowania obciążenia.
| Nazwa |
Typ |
Domyślna wartość |
Opis |
|
enabled
|
boolean
|
False
|
Czy włączyć vpa. Wartość domyślna to false.
|
ManagedOutboundIPs
Żądane zarządzane adresy IP ruchu wychodzącego dla modułu równoważenia obciążenia klastra.
| Nazwa |
Typ |
Domyślna wartość |
Opis |
|
count
|
integer
|
1
|
Żądana liczba wychodzących adresów IP protokołu IPv4 utworzonych/zarządzanych przez platformę Azure dla modułu równoważenia obciążenia klastra. Dozwolone wartości muszą należeć do zakresu od 1 do 100 (włącznie). Wartość domyślna to 1.
|
|
countIPv6
|
integer
|
0
|
Żądana liczba adresów IP ruchu wychodzącego IPv6 utworzonych/zarządzanych przez platformę Azure dla modułu równoważenia obciążenia klastra. Dozwolone wartości muszą należeć do zakresu od 1 do 100 (włącznie). Wartość domyślna to 0 dla pojedynczego stosu i 1 dla podwójnego stosu.
|
networkDataplane
Plan danych sieci używany w klastrze Kubernetes.
| Nazwa |
Typ |
Opis |
|
azure
|
string
|
Użyj płaszczyzny danych sieci platformy Azure.
|
|
cilium
|
string
|
Użyj płaszczyzny danych sieci Cilium. Aby uzyskać więcej informacji, zobacz Azure CNI Powered by Cilium.
|
networkMode
Tryb sieciowy platformy Azure CNI jest skonfigurowany za pomocą polecenia .
| Nazwa |
Typ |
Opis |
|
bridge
|
string
|
Nie jest to już obsługiwane
|
|
transparent
|
string
|
Nie utworzono mostka. Intra-VM komunikacja zasobnika z zasobnikami odbywa się za pośrednictwem tras IP utworzonych przez usługę Azure CNI. Aby uzyskać więcej informacji, zobacz tryb przezroczysty.
|
NetworkPlugin
Wtyczka sieci używana do tworzenia sieci Kubernetes.
| Nazwa |
Typ |
Opis |
|
azure
|
string
|
Użyj wtyczki sieciowej usługi Azure CNI. Aby uzyskać więcej informacji, zobacz sieci usługi Azure CNI (advanced).
|
|
kubenet
|
string
|
Użyj wtyczki sieciowej Kubenet. Aby uzyskać więcej informacji, zobacz sieci platformy Kubenet (podstawowa).
|
|
none
|
string
|
Wtyczka CNI nie jest wstępnie zainstalowana. Aby uzyskać więcej informacji, zobacz BYO CNI.
|
NetworkPluginMode
Tryb, który ma być używany przez wtyczkę sieci.
| Nazwa |
Typ |
Opis |
|
overlay
|
string
|
Używany z parametrem networkPlugin=azure, zasobniki otrzymują adresy IP z przestrzeni adresowej PodCIDR, ale używają domen routingu platformy Azure, a nie metody tabel tras platformy Kubenet. Aby uzyskać więcej informacji, odwiedź https://aka.ms/aks/azure-cni-overlay.
|
NetworkPolicy
Zasady sieci używane do tworzenia sieci Kubernetes.
| Nazwa |
Typ |
Opis |
|
azure
|
string
|
Użyj zasad sieci platformy Azure. Aby uzyskać więcej informacji, zobacz różnice między zasadami platformy Azure i calico.
|
|
calico
|
string
|
Użyj zasad sieci Calico. Aby uzyskać więcej informacji, zobacz różnice między zasadami platformy Azure i calico.
|
|
cilium
|
string
|
Użyj narzędzia Cilium, aby wymusić zasady sieciowe. Wymaga to, aby networkDataplane był "cilium".
|
|
none
|
string
|
Zasady sieci nie zostaną wymuszone. Jest to wartość domyślna, gdy wartość NetworkPolicy nie jest określona.
|
nodeOSUpgradeChannel
Kanał uaktualniania systemu operacyjnego Node
| Nazwa |
Typ |
Opis |
|
NodeImage
|
string
|
Usługa AKS zaktualizuje węzły przy użyciu nowo poprawionego wirtualnego dysku twardego zawierającego poprawki zabezpieczeń i poprawki błędów co tydzień. Po ponownym odtworzeniu obrazu wirtualnego dysku twardego maszyny aktualizacji zostaną wyświetlone na tym dysku VHD po oknach konserwacji i ustawieniach skoków. Podczas wybierania tej opcji jako hostowanie obrazów przez usługę AKS nie są naliczane żadne dodatkowe koszty dysku VHD.
|
|
None
|
string
|
Żadna próba zaktualizowania systemu operacyjnego maszyn nie zostanie podjęta przez system operacyjny lub przez stopniowe dyski VHD. Oznacza to, że odpowiadasz za aktualizacje zabezpieczeń
|
|
SecurityPatch
|
string
|
Usługa AKS pobiera i aktualizuje węzły przy użyciu przetestowanych aktualizacji zabezpieczeń. Te aktualizacje honorują ustawienia okna obsługi i tworzą nowy wirtualny dysk twardy używany w nowych węzłach. W niektórych przypadkach nie można zastosować aktualizacji, w takich przypadkach istniejące węzły również zostaną ponownie zreprodukowane do nowo utworzonego wirtualnego dysku twardego w celu zastosowania zmian. Ta opcja wiąże się z dodatkowymi kosztami hostowania nowych dysków VHD poprawek zabezpieczeń w grupie zasobów na potrzeby użycia just in time.
|
|
Unmanaged
|
string
|
Aktualizacje systemu operacyjnego będą stosowane automatycznie za pośrednictwem wbudowanej infrastruktury stosowania poprawek systemu operacyjnego. Nowo skalowane w maszynach będą początkowo niezaznaczone i będą poprawiane w pewnym momencie przez infrastrukturę systemu operacyjnego. Zachowanie tej opcji zależy od danego systemu operacyjnego. System Ubuntu i Mariner stosują poprawki zabezpieczeń za pośrednictwem nienadzorowanego uaktualnienia mniej więcej raz dziennie około 06:00 UTC. System Windows nie stosuje automatycznie poprawek zabezpieczeń, dlatego dla nich ta opcja jest równoważna brakowi do odwołania
|
OSDiskType
Typ dysku systemu operacyjnego, który ma być używany dla maszyn w puli agentów.
| Nazwa |
Typ |
Opis |
|
Ephemeral
|
string
|
Efemeryczne dyski systemu operacyjnego są przechowywane tylko na maszynie hosta, podobnie jak dysk tymczasowy. Zapewnia to mniejsze opóźnienie odczytu/zapisu oraz szybsze skalowanie węzłów i uaktualnienia klastra.
|
|
Managed
|
string
|
Platforma Azure replikuje dysk systemu operacyjnego dla maszyny wirtualnej do usługi Azure Storage, aby uniknąć utraty danych, jeśli maszyna wirtualna musi zostać przeniesiona na inny host. Ponieważ kontenery nie są zaprojektowane tak, aby stan lokalny był utrwalany, to zachowanie zapewnia ograniczoną wartość, zapewniając pewne wady, w tym wolniejsze aprowizowanie węzłów i większe opóźnienie odczytu/zapisu.
|
OSSKU
Określa jednostkę SKU systemu operacyjnego używaną przez pulę agentów. Wartość domyślna to Ubuntu, jeśli typ systemu operacyjnego to Linux. Wartość domyślna to Windows2019, gdy platforma Kubernetes <= 1.24 lub Windows2022, gdy platforma Kubernetes >= 1,25, jeśli typ systemu operacyjnego to Windows.
| Nazwa |
Typ |
Opis |
|
AzureLinux
|
string
|
Użyj usługi AzureLinux jako systemu operacyjnego dla obrazów węzłów. Azure Linux to zoptymalizowana pod kątem kontenera dystrybucja systemu Linux utworzona przez firmę Microsoft, odwiedź stronę https://aka.ms/azurelinux, aby uzyskać więcej informacji.
|
|
CBLMariner
|
string
|
Przestarzałe jednostki OSSKU. Firma Microsoft zaleca, aby nowe wdrożenia zamiast tego wybierały pozycję "AzureLinux".
|
|
Ubuntu
|
string
|
Użyj systemu Ubuntu jako systemu operacyjnego dla obrazów węzłów.
|
|
Windows2019
|
string
|
Użyj systemu Windows2019 jako systemu operacyjnego dla obrazów węzłów. Nieobsługiwane dla pul węzłów systemowych. System Windows2019 obsługuje tylko kontenery systemu Windows2019; Nie można uruchomić kontenerów systemu Windows2022 i na odwrót.
|
|
Windows2022
|
string
|
Użyj systemu Windows2022 jako systemu operacyjnego dla obrazów węzłów. Nieobsługiwane dla pul węzłów systemowych. System Windows2022 obsługuje tylko kontenery systemu Windows2022; nie może uruchamiać kontenerów systemu Windows 2019 i na odwrót.
|
OSType
Typ systemu operacyjnego. Wartość domyślna to Linux.
| Nazwa |
Typ |
Opis |
|
Linux
|
string
|
Użyj systemu Linux.
|
|
Windows
|
string
|
Użyj systemu Windows.
|
OutboundIPPrefixes
Żądane zasoby prefiksu adresów IP dla modułu równoważenia obciążenia klastra.
| Nazwa |
Typ |
Opis |
|
publicIPPrefixes
|
ResourceReference[]
|
Lista zasobów prefiksu publicznego adresu IP.
|
OutboundIPs
Żądane zasoby adresów IP ruchu wychodzącego dla modułu równoważenia obciążenia klastra.
outboundType
Metoda routingu ruchu wychodzącego (wychodzącego).
| Nazwa |
Typ |
Opis |
|
loadBalancer
|
string
|
Moduł równoważenia obciążenia jest używany do ruchu wychodzącego za pośrednictwem publicznego adresu IP przypisanego przez usługę AKS. Obsługuje to usługi Kubernetes typu "loadBalancer". Aby uzyskać więcej informacji, zobacz typ obciążenia ruchu wychodzącego.
|
|
managedNATGateway
|
string
|
Brama translatora adresów sieciowych zarządzana przez usługę AKS jest używana do ruchu wychodzącego.
|
|
userAssignedNATGateway
|
string
|
Brama translatora adresów sieciowych przypisana przez użytkownika skojarzona z podsiecią klastra jest używana do ruchu wychodzącego. Jest to zaawansowany scenariusz i wymaga odpowiedniej konfiguracji sieci.
|
|
userDefinedRouting
|
string
|
Ścieżki ruchu wychodzącego muszą być zdefiniowane przez użytkownika. Jest to zaawansowany scenariusz i wymaga odpowiedniej konfiguracji sieci. Aby uzyskać więcej informacji, zobacz typ ruchu wychodzącego userDefinedRouting.
|
PortRange
Zakres portów.
| Nazwa |
Typ |
Opis |
|
portEnd
|
integer
|
Maksymalny port uwzględniony w zakresie. Powinien on zawierać zakres od 1 do 65535 i być większy niż lub równy portStart.
|
|
portStart
|
integer
|
Minimalny port uwzględniony w zakresie. Powinien on być z zakresu od 1 do 65535 i być mniejszy lub równy portEnd.
|
|
protocol
|
Protocol
|
Protokół sieciowy portu.
|
PowerState
Opisuje stan zasilania klastra
| Nazwa |
Typ |
Opis |
|
code
|
code
|
Informuje, czy klaster jest uruchomiony, czy zatrzymany
|
PrivateLinkResource
Zasób łącza prywatnego
| Nazwa |
Typ |
Opis |
|
groupId
|
string
|
Identyfikator grupy zasobu.
|
|
id
|
string
|
Identyfikator zasobu łącza prywatnego.
|
|
name
|
string
|
Nazwa zasobu łącza prywatnego.
|
|
privateLinkServiceID
|
string
|
Identyfikator usługi łącza prywatnego zasobu, to pole jest uwidocznione tylko wewnętrznie dla dostawcy usług nrp.
|
|
requiredMembers
|
string[]
|
Liczba wymaganych elementów zasobu
|
|
type
|
string
|
Typ zasobu.
|
Protocol
Protokół sieciowy portu.
| Nazwa |
Typ |
Opis |
|
TCP
|
string
|
Protokół TCP.
|
|
UDP
|
string
|
Protokół UDP.
|
ProvisioningInfo
PublicNetworkAccess
PublicNetworkAccess zarządzanegocluster
| Nazwa |
Typ |
Opis |
|
Disabled
|
string
|
|
|
Enabled
|
string
|
|
ResourceIdentityType
Typ tożsamości używany dla klastra zarządzanego.
| Nazwa |
Typ |
Opis |
|
None
|
string
|
Nie używaj tożsamości zarządzanej dla klastra zarządzanego, zamiast tego zostanie użyta jednostka usługi.
|
|
SystemAssigned
|
string
|
Użyj niejawnie utworzonej tożsamości zarządzanej przypisanej przez system do zarządzania zasobami klastra. Składniki główne na płaszczyźnie sterowania, takie jak kube-controller-manager, będą używać przypisanej przez system tożsamości zarządzanej do manipulowania zasobami platformy Azure.
|
|
UserAssigned
|
string
|
Zarządzanie zasobami klastra przy użyciu tożsamości określonej przez użytkownika. Składniki główne na płaszczyźnie sterowania, takie jak kube-controller-manager, będą używać określonej tożsamości zarządzanej przypisanej przez użytkownika do manipulowania zasobami platformy Azure.
|
ResourceReference
Odwołanie do zasobu platformy Azure.
| Nazwa |
Typ |
Opis |
|
id
|
string
|
W pełni kwalifikowany identyfikator zasobu platformy Azure.
|
RestrictionLevel
Poziom ograniczeń zastosowany do grupy zasobów węzła klastra. Jeśli nie zostanie określony, wartość domyślna to "Bez ograniczeń"
| Nazwa |
Typ |
Opis |
|
ReadOnly
|
string
|
Tylko */odczyt uprawnień RBAC dozwolonych w grupie zasobów węzła zarządzanego
|
|
Unrestricted
|
string
|
Wszystkie uprawnienia kontroli dostępu opartej na rolach są dozwolone w grupie zasobów węzła zarządzanego
|
ScaleDownMode
Opisuje sposób dodawania lub usuwania maszyn wirtualnych z pul agentów. Zobacz stany rozliczeń.
| Nazwa |
Typ |
Opis |
|
Deallocate
|
string
|
Spróbuj rozpocząć cofanie przydziału wystąpień (jeśli istnieją) podczas skalowania w górę i cofania przydziału wystąpień podczas skalowania w dół.
|
|
Delete
|
string
|
Tworzenie nowych wystąpień podczas skalowania w górę i usuwanie wystąpień podczas skalowania w dół.
|
ScaleSetEvictionPolicy
Zasady eksmisji zestawu skalowania maszyn wirtualnych.
| Nazwa |
Typ |
Opis |
|
Deallocate
|
string
|
Węzły w bazowym zestawie skalowania puli węzłów są ustawione na stan zatrzymanego przydziału po eksmisji. Węzły w zatrzymanej liczbie stanu cofania przydziału zasobów obliczeniowych i mogą powodować problemy ze skalowaniem lub uaktualnianiem klastra.
|
|
Delete
|
string
|
Węzły w bazowym zestawie skalowania puli węzłów są usuwane podczas eksmitowania.
|
ScaleSetPriority
Priorytet zestawu skalowania maszyn wirtualnych.
| Nazwa |
Typ |
Opis |
|
Regular
|
string
|
Będą używane zwykłe maszyny wirtualne.
|
|
Spot
|
string
|
Będą używane maszyny wirtualne o priorytcie typu spot. Brak umowy SLA dla węzłów typu spot. Aby uzyskać więcej informacji, zobacz miejscu w usłudze AKS.
|
ServiceMeshMode
Tryb siatki usług.
| Nazwa |
Typ |
Opis |
|
Disabled
|
string
|
Siatka jest wyłączona.
|
|
Istio
|
string
|
Istio wdrożone jako dodatek usługi AKS.
|
ServiceMeshProfile
Profil usługi Service Mesh dla klastra zarządzanego.
SysctlConfig
Ustawienia sysctl dla węzłów agenta systemu Linux.
| Nazwa |
Typ |
Opis |
|
fsAioMaxNr
|
integer
|
Ustawienie Sysctl fs.aio-max-nr.
|
|
fsFileMax
|
integer
|
Ustawienie sysctl fs.file-max.
|
|
fsInotifyMaxUserWatches
|
integer
|
Ustawienie sysctl fs.inotify.max_user_watches.
|
|
fsNrOpen
|
integer
|
Ustawienie Sysctl fs.nr_open.
|
|
kernelThreadsMax
|
integer
|
Ustawienie sysctl kernel.threads-max.
|
|
netCoreNetdevMaxBacklog
|
integer
|
Ustawienie Sysctl net.core.netdev_max_backlog.
|
|
netCoreOptmemMax
|
integer
|
Ustawienie sysctl net.core.optmem_max.
|
|
netCoreRmemDefault
|
integer
|
Ustawienie Sysctl net.core.rmem_default.
|
|
netCoreRmemMax
|
integer
|
Ustawienie sysctl net.core.rmem_max.
|
|
netCoreSomaxconn
|
integer
|
Ustawienie sysctl net.core.somaxconn.
|
|
netCoreWmemDefault
|
integer
|
Ustawienie sysctl net.core.wmem_default.
|
|
netCoreWmemMax
|
integer
|
Ustawienie sysctl net.core.wmem_max.
|
|
netIpv4IpLocalPortRange
|
string
|
Ustawienie sysctl net.ipv4.ip_local_port_range.
|
|
netIpv4NeighDefaultGcThresh1
|
integer
|
Ustawienie sysctl net.ipv4.neigh.default.gc_thresh1.
|
|
netIpv4NeighDefaultGcThresh2
|
integer
|
Ustawienie Sysctl net.ipv4.neigh.default.gc_thresh2.
|
|
netIpv4NeighDefaultGcThresh3
|
integer
|
Ustawienie sysctl net.ipv4.neigh.default.gc_thresh3.
|
|
netIpv4TcpFinTimeout
|
integer
|
Ustawienie Sysctl net.ipv4.tcp_fin_timeout.
|
|
netIpv4TcpKeepaliveProbes
|
integer
|
Ustawienie sysctl net.ipv4.tcp_keepalive_probes.
|
|
netIpv4TcpKeepaliveTime
|
integer
|
Ustawienie sysctl net.ipv4.tcp_keepalive_time.
|
|
netIpv4TcpMaxSynBacklog
|
integer
|
Ustawienie Sysctl net.ipv4.tcp_max_syn_backlog.
|
|
netIpv4TcpMaxTwBuckets
|
integer
|
Ustawienie Sysctl net.ipv4.tcp_max_tw_buckets.
|
|
netIpv4TcpTwReuse
|
boolean
|
Ustawienie Sysctl net.ipv4.tcp_tw_reuse.
|
|
netIpv4TcpkeepaliveIntvl
|
integer
|
Ustawienie sysctl net.ipv4.tcp_keepalive_intvl.
|
|
netNetfilterNfConntrackBuckets
|
integer
|
Ustawienie sysctl net.netfilter.nf_conntrack_buckets.
|
|
netNetfilterNfConntrackMax
|
integer
|
Ustawienie sysctl net.netfilter.nf_conntrack_max.
|
|
vmMaxMapCount
|
integer
|
Ustawienie sysctl vm.max_map_count.
|
|
vmSwappiness
|
integer
|
Ustawienie sysctl vm.swappiness.
|
|
vmVfsCachePressure
|
integer
|
Ustawienie Sysctl vm.vfs_cache_pressure.
|
systemData
Metadane dotyczące tworzenia i ostatniej modyfikacji zasobu.
| Nazwa |
Typ |
Opis |
|
createdAt
|
string
|
Sygnatura czasowa tworzenia zasobu (UTC).
|
|
createdBy
|
string
|
Tożsamość, która utworzyła zasób.
|
|
createdByType
|
createdByType
|
Typ tożsamości, która utworzyła zasób.
|
|
lastModifiedAt
|
string
|
Znacznik czasu ostatniej modyfikacji zasobu (UTC)
|
|
lastModifiedBy
|
string
|
Tożsamość, która ostatnio zmodyfikowała zasób.
|
|
lastModifiedByType
|
createdByType
|
Typ tożsamości, która ostatnio zmodyfikowała zasób.
|
upgradeChannel
Kanał uaktualniania na potrzeby automatycznego uaktualniania. Wartość domyślna to "none".
| Nazwa |
Typ |
Opis |
|
node-image
|
string
|
Automatycznie uaktualnij obraz węzła do najnowszej dostępnej wersji. Rozważ użycie węzła NODEOSUpgradeChannel, ponieważ pozwala to skonfigurować stosowanie poprawek systemu operacyjnego węzła niezależnie od stosowania poprawek wersji platformy Kubernetes
|
|
none
|
string
|
Wyłącza automatyczne uaktualnianie i utrzymuje klaster w bieżącej wersji rozwiązania Kubernetes.
|
|
patch
|
string
|
Automatycznie uaktualnij klaster do najnowszej obsługiwanej wersji poprawki, gdy stanie się ona dostępna, zachowując tę samą wersję pomocniczą. Jeśli na przykład klaster jest uruchomiony w wersji 1.17.7 i w wersjach 1.17.9, 1.18.4, 1.18.6 i 1.19.1, klaster zostanie uaktualniony do wersji 1.17.9.
|
|
rapid
|
string
|
Automatycznie uaktualnij klaster do najnowszej obsługiwanej wersji poprawki w najnowszej obsługiwanej wersji pomocniczej. W przypadkach, gdy klaster znajduje się w wersji rozwiązania Kubernetes, która znajduje się w wersji pomocniczej N-2, w której N jest najnowszą obsługiwaną wersją pomocniczą, klaster najpierw uaktualnia do najnowszej obsługiwanej wersji poprawki w wersji pomocniczej N-1. Jeśli na przykład klaster działa w wersji 1.17.7 i w wersjach 1.17.9, 1.18.4, 1.18.6 i 1.19.1, klaster najpierw zostanie uaktualniony do wersji 1.18.6, a następnie zostanie uaktualniony do wersji 1.19.1.
|
|
stable
|
string
|
Automatycznie uaktualnij klaster do najnowszej obsługiwanej wersji poprawki w wersji pomocniczej N-1, gdzie N jest najnowszą obsługiwaną wersją pomocniczą. Jeśli na przykład klaster działa w wersji 1.17.7 i w wersjach 1.17.9, 1.18.4, 1.18.6 i 1.19.1, klaster zostanie uaktualniony do wersji 1.18.6.
|
UpgradeOverrideSettings
Ustawienia przesłonięć podczas uaktualniania klastra.
| Nazwa |
Typ |
Opis |
|
forceUpgrade
|
boolean
|
Czy wymusić uaktualnienie klastra. Należy pamiętać, że ta opcja instruuje operację uaktualniania, aby pominąć zabezpieczenia uaktualnienia, takie jak sprawdzanie przestarzałego użycia interfejsu API. Włącz tę opcję tylko z ostrożnością.
|
|
until
|
string
|
Do momentu, gdy przesłonięcia są skuteczne. Należy pamiętać, że jest to zgodne tylko z godziną rozpoczęcia uaktualnienia, a skuteczność nie zmieni się po uruchomieniu uaktualnienia, nawet jeśli until wygaśnie po kontynuowaniu uaktualniania. To pole nie jest domyślnie ustawione. Aby przesłonięcia zaczęły obowiązywać, należy go ustawić.
|
UserAssignedIdentities
Tożsamość użytkownika skojarzona z klastrem zarządzanym. Ta tożsamość będzie używana w płaszczyźnie sterowania. Dozwolona jest tylko jedna tożsamość przypisana przez użytkownika.
UserAssignedIdentity
Szczegółowe informacje o tożsamości przypisanej przez użytkownika.
| Nazwa |
Typ |
Opis |
|
clientId
|
string
|
Identyfikator klienta tożsamości przypisanej przez użytkownika.
|
|
objectId
|
string
|
Identyfikator obiektu tożsamości przypisanej przez użytkownika.
|
|
resourceId
|
string
|
Identyfikator zasobu tożsamości przypisanej przez użytkownika.
|
WindowsGmsaProfile
Profil gMSA systemu Windows w klastrze zarządzanym.
| Nazwa |
Typ |
Opis |
|
dnsServer
|
string
|
Określa serwer DNS dla systemu Windows gMSA.
Ustaw ją na pustą, jeśli skonfigurowano serwer DNS w sieci wirtualnej, która jest używana do tworzenia klastra zarządzanego.
|
|
enabled
|
boolean
|
Czy włączyć gMSA systemu Windows.
Określa, czy włączyć grupę zarządzania systemem Windows w klastrze zarządzanym.
|
|
rootDomainName
|
string
|
Określa nazwę domeny głównej dla gMSA systemu Windows.
Ustaw ją na pustą, jeśli skonfigurowano serwer DNS w sieci wirtualnej, która jest używana do tworzenia klastra zarządzanego.
|
WorkloadRuntime
Określa typ obciążenia, który może uruchomić węzeł.
| Nazwa |
Typ |
Opis |
|
OCIContainer
|
string
|
Węzły będą używać rozwiązania Kubelet do uruchamiania standardowych obciążeń kontenerów OCI.
|
|
WasmWasi
|
string
|
Węzły będą używać narzędzia Krustlet do uruchamiania obciążeń WASM przy użyciu dostawcy WASI (wersja zapoznawcza).
|